Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a3d0ad7f by Moritz Muehlenhoff at 2018-04-04T23:38:48+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -43564,7 +43564,7 @@ CVE-2017-11077
CVE-2017-11076
RESERVED
CVE-2017-11075 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD
Android with ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-11074 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11073 (In android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
@@ -55293,9 +55293,9 @@ CVE-2016-10301
CVE-2016-10300
RESERVED
CVE-2016-10299 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2016-10298 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2016-10297 (In TrustZone in all Android releases from CAF using the Linux
kernel, ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10296 (An information disclosure vulnerability in the Qualcomm shared
memory ...)
@@ -55356,21 +55356,21 @@ CVE-2015-9016 [blk-mq: fix race between timeout and
freeing request]
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by:
https://git.kernel.org/linus/0048b4837affd153897ed1222283492070027aa9 (4.3-rc1)
CVE-2015-9015 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2015-9014 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2015-9013 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2015-9012 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2015-9011 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2015-9010 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2015-9009 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2015-9008 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2015-9007 (In TrustZone in all Android releases from CAF using the Linux
kernel, ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9006 (In Resource Power Manager (RPM) in all Android releases from
CAF using ...)
@@ -55393,7 +55393,7 @@ CVE-2014-9955 (An elevation of privilege vulnerability
in Qualcomm closed source
CVE-2014-9954 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2014-9953 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm component for Android
CVE-2014-9952 (In the Secure File System in all Android releases from CAF
using the ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2014-9951 (In TrustZone in all Android releases from CAF using the Linux
kernel, ...)
@@ -55891,19 +55891,19 @@ CVE-2017-7175 (NfSen before 1.3.8 allows remote
attackers to execute arbitrary O
CVE-2017-7174 (The user-account creation feature in Chef Manage 2.1.0 through
2.4.4 ...)
NOT-FOR-US: Chef Manage
CVE-2017-7173 (An issue was discovered in certain Apple products. macOS before
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7172 (An issue was discovered in certain Apple products. iOS before
11.2 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7171 (An issue was discovered in certain Apple products. iOS before
11.2 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7170 (An issue was discovered in certain Apple products. macOS before
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7169
RESERVED
CVE-2017-7168
RESERVED
CVE-2017-7167 (An issue was discovered in certain Apple products. Xcode before
9.2 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7166
RESERVED
CVE-2017-7165 (An issue was discovered in certain Apple products. iOS before
11.2 is ...)
@@ -55912,7 +55912,7 @@ CVE-2017-7165 (An issue was discovered in certain Apple
products. iOS before 11.
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
CVE-2017-7164 (An issue was discovered in certain Apple products. iOS before
11.2 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7163 (An issue was discovered in certain Apple products. macOS before
...)
NOT-FOR-US: Intel Graphics Driver on Apple / macOS
CVE-2017-7162 (An issue was discovered in certain Apple products. iOS before
11.2 is ...)
@@ -56142,7 +56142,7 @@ CVE-2017-7077 (An issue was discovered in certain Apple
products. macOS before 1
CVE-2017-7076 (An issue was discovered in certain Apple products. Xcode before
9 is ...)
NOT-FOR-US: Apple
CVE-2017-7075 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7074 (An issue was discovered in certain Apple products. macOS before
10.13 ...)
NOT-FOR-US: Apple
CVE-2017-7073
@@ -56152,7 +56152,7 @@ CVE-2017-7072 (An issue was discovered in certain Apple
products. iOS before 11
CVE-2017-7071 (An issue was discovered in certain Apple products. Safari
before 10.1 ...)
TODO: check
CVE-2017-7070 (An issue was discovered in certain Apple products. macOS before
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7069 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
NOT-FOR-US: Apple
CVE-2017-7068 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
@@ -56161,7 +56161,7 @@ CVE-2017-7068 (An issue was discovered in certain Apple
products. iOS before 10.
CVE-2017-7067 (An issue was discovered in certain Apple products. macOS before
...)
NOT-FOR-US: Apple
CVE-2017-7066 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7065 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
NOT-FOR-US: Broadcom driver for Android
CVE-2017-7064 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
@@ -56343,9 +56343,9 @@ CVE-2017-7006 (An issue was discovered in certain Apple
products. iOS before 10.
CVE-2017-7005 (An issue was discovered in certain Apple products. iOS before
10.3.2 ...)
TODO: check
CVE-2017-7004 (An issue was discovered in certain Apple products. iOS before
10.3.2 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7003 (An issue was discovered in certain Apple products. iOS before
10.3.2 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7002 (An issue was discovered in certain Apple products. iOS before
10.3.2 ...)
TODO: check
CVE-2017-7001 (An issue was discovered in certain Apple products. iOS before
10.3.2 ...)
@@ -56404,7 +56404,7 @@ CVE-2017-6978 (An issue was discovered in certain Apple
products. macOS before .
CVE-2017-6977 (An issue was discovered in certain Apple products. macOS before
...)
NOT-FOR-US: Apple
CVE-2017-6976 (An issue was discovered in certain Apple products. iOS before
10.3 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-6975 (Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956
stack ...)
NOT-FOR-US: Applie
CVE-2017-6974 (An issue was discovered in certain Apple products. macOS before
...)
@@ -57982,7 +57982,7 @@ CVE-2016-10235 (A denial of service vulnerability in
the Qualcomm WiFi driver. .
CVE-2016-10234 (An information disclosure vulnerability in the Qualcomm IPA
driver. ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10233 (An elevation of privilege vulnerability in the Qualcomm video
driver. ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10232 (An elevation of privilege vulnerability in the Qualcomm video
driver. ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10231 (An elevation of privilege vulnerability in the Qualcomm sound
codec ...)
@@ -65390,21 +65390,21 @@ CVE-2017-3973
CVE-2017-3972 (Infrastructure-based foot printing vulnerability in the web
interface ...)
NOT-FOR-US: McAfee
CVE-2017-3971 (Cryptanalysis vulnerability in the web interface in McAfee
Network ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2017-3970
RESERVED
CVE-2017-3969 (Abuse of communication channels vulnerability in the server in
McAfee ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2017-3968
RESERVED
CVE-2017-3967 (Target influence via framing vulnerability in the web interface
in ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2017-3966 (Exploitation of session variables, resource IDs and other
trusted ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2017-3965 (Cross-Site Request Forgery (CSRF) (aka Session Riding)
vulnerability ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2017-3964 (Reflective Cross-Site Scripting (XSS) vulnerability in the web
...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2017-3963
REJECTED
CVE-2017-3962
@@ -71671,7 +71671,7 @@ CVE-2017-1774 (IBM Security Guardium Big Data
Intelligence (SonarG) 3.1 disclose
CVE-2017-1773 (IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an
attacker ...)
NOT-FOR-US: IBM DataPower Gateways
CVE-2017-1772 (IBM Worklight (IBM MobileFirst Platform Foundation 6.3, 7.0,
7.1, and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1771
RESERVED
CVE-2017-1770
@@ -71749,7 +71749,7 @@ CVE-2017-1735
CVE-2017-1734
RESERVED
CVE-2017-1733 (IBM QRadar 7.3 stores potentially sensitive information in log
files ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1732
RESERVED
CVE-2017-1731 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could
provide ...)
@@ -71967,7 +71967,7 @@ CVE-2017-1626
CVE-2017-1625 (IBM Pulse for QRadar 1.0.0 - 1.0.3 discloses sensitive
information to ...)
NOT-FOR-US: IBM
CVE-2017-1624 (IBM QRadar 7.3 and 7.3.1 specifies permissions for a
security-critical ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1623 (IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting.
This ...)
NOT-FOR-US: IBM QRadar
CVE-2017-1622
@@ -79270,15 +79270,15 @@ CVE-2016-8489
RESERVED
NOT-FOR-US: Qualcomm components for Android
CVE-2016-8488 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2016-8487 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2016-8486 (An information disclosure vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2016-8485 (An information disclosure vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2016-8484 (An elevation of privilege vulnerability in Qualcomm closed
source ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2016-8483 (An information disclosure vulnerability in the Qualcomm power
driver ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-8482
@@ -126180,7 +126180,7 @@ CVE-2015-1977 (Directory traversal vulnerability in
the Web Administration tool
CVE-2015-1976 (IBM Security Directory Server could allow an authenticated user
to ...)
NOT-FOR-US: IBM
CVE-2015-1975 (The web administration tool in IBM Tivoli Security Directory
Server ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1974 (The web administration tool in IBM Tivoli Security Directory
Server ...)
NOT-FOR-US: IBM
CVE-2015-1973
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3d0ad7fde11babd351d2f44d8b6cc9809bb8b14
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3d0ad7fde11babd351d2f44d8b6cc9809bb8b14
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
