Author: carnil
Date: 2015-09-19 12:02:44 +0000 (Sat, 19 Sep 2015)
New Revision: 36749
Modified:
data/CVE/list
Log:
Update some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-19 10:31:52 UTC (rev 36748)
+++ data/CVE/list 2015-09-19 12:02:44 UTC (rev 36749)
@@ -1,5 +1,5 @@
CVE-2015-7235 (Multiple SQL injection vulnerabilities in dex_reservations.php
in the ...)
- TODO: check
+ NOT-FOR-US: CP Reservation Calendar plugin for WordPress
CVE-2015-7234 (The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF
...)
TODO: check
CVE-2015-7233 (Cross-site request forgery (CSRF) vulnerability in the OSF
module ...)
@@ -868,7 +868,7 @@
CVE-2015-6839
RESERVED
CVE-2015-6829 (Multiple SQL injection vulnerabilities in the getip function in
...)
- TODO: check
+ NOT-FOR-US: getip function in wp-limit-login-attempts.php in the WP
Limit Login Attempts plugin for WordPress
CVE-2015-6828 (The tweet_info function in class/__functions.php in the
SecureMoz ...)
TODO: check
CVE-2015-6827 (Cross-site request forgery (CSRF) vulnerability in
Auto-Exchanger ...)
@@ -3041,7 +3041,7 @@
CVE-2015-5922
RESERVED
CVE-2015-5921 (WebKit in Apple iOS before 9 mishandles
"Content-Disposition: ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5920 (The Software Update component in Apple iTunes before 12.3 does
not ...)
TODO: check
CVE-2015-5919
@@ -3069,9 +3069,9 @@
CVE-2015-5908
RESERVED
CVE-2015-5907 (WebKit in Apple iOS before 9 allows man-in-the-middle attackers
to ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5906 (The HTML form implementation in WebKit in Apple iOS before 9
does not ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5905 (Safari in Apple iOS before 9 allows remote attackers to spoof
the ...)
TODO: check
CVE-2015-5904 (Safari in Apple iOS before 9 allows remote attackers to spoof
the ...)
@@ -3229,83 +3229,83 @@
CVE-2015-5828
RESERVED
CVE-2015-5827 (WebKit in Apple iOS before 9 allows remote attackers to bypass
the ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5826 (WebKit in Apple iOS before 9 does not properly select the cases
in ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5825 (WebKit in Apple iOS before 9 does not properly restrict the ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5824 (The NSURL implementation in the CFNetwork SSL component in
Apple iOS ...)
TODO: check
CVE-2015-5823 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and
iTunes ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5822 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and
iTunes ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5821 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5820 (WebKit in Apple iOS before 9 allows remote attackers to trigger
a ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5819 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5818 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5817 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5816 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and
iTunes ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5815 (WebKit, as used in Apple iTunes before 12.3, allows
man-in-the-middle ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5814 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and
iTunes ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5813 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5812 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5811 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5810 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5809 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5808 (WebKit, as used in Apple iTunes before 12.3, allows
man-in-the-middle ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5807 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5806 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5805 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5804 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5803 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5802 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5801 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5800 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5799 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5798 (WebKit, as used in Apple iTunes before 12.3, allows
man-in-the-middle ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5797 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5796 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5795 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5794 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5793 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and
iTunes ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5792 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5791 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and
iTunes ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5790 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5789 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5788 (The WebKit Canvas implementation in Apple iOS before 9 allows
remote ...)
TODO: check
CVE-2015-5787
@@ -3365,7 +3365,7 @@
CVE-2015-5760
RESERVED
CVE-2015-5759 (WebKit in Apple iOS before 8.4.1 allows remote attackers to
spoof ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5758 (ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5
allows ...)
NOT-FOR-US: Apple OS X
CVE-2015-5757 (libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5
allows ...)
@@ -8757,15 +8757,15 @@
CVE-2015-3755 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x
before ...)
NOT-FOR-US: Safari
CVE-2015-3754 (The private-browsing implementation in WebKit in Apple Safari
before ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-3753 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x
before ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-3752 (The Content Security Policy implementation in WebKit in Apple
Safari ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-3751 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x
before ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-3750 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x
before ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-3749 (WebKit, as used in Apple iOS before 8.4.1 and Safari before
6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-3748 (WebKit, as used in Apple iOS before 8.4.1 and Safari before
6.2.8, 7.x ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
