Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a3d0ad7f by Moritz Muehlenhoff at 2018-04-04T23:38:48+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -43564,7 +43564,7 @@ CVE-2017-11077
 CVE-2017-11076
        RESERVED
 CVE-2017-11075 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD 
Android with ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2017-11074 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2017-11073 (In android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
@@ -55293,9 +55293,9 @@ CVE-2016-10301
 CVE-2016-10300
        RESERVED
 CVE-2016-10299 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2016-10298 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2016-10297 (In TrustZone in all Android releases from CAF using the Linux 
kernel, ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2016-10296 (An information disclosure vulnerability in the Qualcomm shared 
memory ...)
@@ -55356,21 +55356,21 @@ CVE-2015-9016 [blk-mq: fix race between timeout and 
freeing request]
        [wheezy] - linux <not-affected> (Vulnerable code not present)
        NOTE: Fixed by: 
https://git.kernel.org/linus/0048b4837affd153897ed1222283492070027aa9 (4.3-rc1)
 CVE-2015-9015 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9014 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9013 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9012 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9011 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9010 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9009 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9008 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9007 (In TrustZone in all Android releases from CAF using the Linux 
kernel, ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9006 (In Resource Power Manager (RPM) in all Android releases from 
CAF using ...)
@@ -55393,7 +55393,7 @@ CVE-2014-9955 (An elevation of privilege vulnerability 
in Qualcomm closed source
 CVE-2014-9954 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
        NOT-FOR-US: Qualcomm component for Android
 CVE-2014-9953 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2014-9952 (In the Secure File System in all Android releases from CAF 
using the ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2014-9951 (In TrustZone in all Android releases from CAF using the Linux 
kernel, ...)
@@ -55891,19 +55891,19 @@ CVE-2017-7175 (NfSen before 1.3.8 allows remote 
attackers to execute arbitrary O
 CVE-2017-7174 (The user-account creation feature in Chef Manage 2.1.0 through 
2.4.4 ...)
        NOT-FOR-US: Chef Manage
 CVE-2017-7173 (An issue was discovered in certain Apple products. macOS before 
...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7172 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7171 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7170 (An issue was discovered in certain Apple products. macOS before 
...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7169
        RESERVED
 CVE-2017-7168
        RESERVED
 CVE-2017-7167 (An issue was discovered in certain Apple products. Xcode before 
9.2 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7166
        RESERVED
 CVE-2017-7165 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
@@ -55912,7 +55912,7 @@ CVE-2017-7165 (An issue was discovered in certain Apple 
products. iOS before 11.
        NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
        NOTE: Not covered by security support
 CVE-2017-7164 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7163 (An issue was discovered in certain Apple products. macOS before 
...)
        NOT-FOR-US: Intel Graphics Driver on Apple / macOS
 CVE-2017-7162 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
@@ -56142,7 +56142,7 @@ CVE-2017-7077 (An issue was discovered in certain Apple 
products. macOS before 1
 CVE-2017-7076 (An issue was discovered in certain Apple products. Xcode before 
9 is ...)
        NOT-FOR-US: Apple
 CVE-2017-7075 (An issue was discovered in certain Apple products. iOS before 
11 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7074 (An issue was discovered in certain Apple products. macOS before 
10.13 ...)
        NOT-FOR-US: Apple
 CVE-2017-7073
@@ -56152,7 +56152,7 @@ CVE-2017-7072 (An issue was discovered in certain Apple 
products. iOS before 11 
 CVE-2017-7071 (An issue was discovered in certain Apple products. Safari 
before 10.1 ...)
        TODO: check
 CVE-2017-7070 (An issue was discovered in certain Apple products. macOS before 
...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7069 (An issue was discovered in certain Apple products. iOS before 
10.3.3 ...)
        NOT-FOR-US: Apple
 CVE-2017-7068 (An issue was discovered in certain Apple products. iOS before 
10.3.3 ...)
@@ -56161,7 +56161,7 @@ CVE-2017-7068 (An issue was discovered in certain Apple 
products. iOS before 10.
 CVE-2017-7067 (An issue was discovered in certain Apple products. macOS before 
...)
        NOT-FOR-US: Apple
 CVE-2017-7066 (An issue was discovered in certain Apple products. iOS before 
10.3.3 ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7065 (An issue was discovered in certain Apple products. iOS before 
10.3.3 ...)
        NOT-FOR-US: Broadcom driver for Android
 CVE-2017-7064 (An issue was discovered in certain Apple products. iOS before 
10.3.3 ...)
@@ -56343,9 +56343,9 @@ CVE-2017-7006 (An issue was discovered in certain Apple 
products. iOS before 10.
 CVE-2017-7005 (An issue was discovered in certain Apple products. iOS before 
10.3.2 ...)
        TODO: check
 CVE-2017-7004 (An issue was discovered in certain Apple products. iOS before 
10.3.2 ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7003 (An issue was discovered in certain Apple products. iOS before 
10.3.2 ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-7002 (An issue was discovered in certain Apple products. iOS before 
10.3.2 ...)
        TODO: check
 CVE-2017-7001 (An issue was discovered in certain Apple products. iOS before 
10.3.2 ...)
@@ -56404,7 +56404,7 @@ CVE-2017-6978 (An issue was discovered in certain Apple 
products. macOS before .
 CVE-2017-6977 (An issue was discovered in certain Apple products. macOS before 
...)
        NOT-FOR-US: Apple
 CVE-2017-6976 (An issue was discovered in certain Apple products. iOS before 
10.3 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-6975 (Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 
stack ...)
        NOT-FOR-US: Applie
 CVE-2017-6974 (An issue was discovered in certain Apple products. macOS before 
...)
@@ -57982,7 +57982,7 @@ CVE-2016-10235 (A denial of service vulnerability in 
the Qualcomm WiFi driver. .
 CVE-2016-10234 (An information disclosure vulnerability in the Qualcomm IPA 
driver. ...)
        NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-10233 (An elevation of privilege vulnerability in the Qualcomm video 
driver. ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-10232 (An elevation of privilege vulnerability in the Qualcomm video 
driver. ...)
        NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-10231 (An elevation of privilege vulnerability in the Qualcomm sound 
codec ...)
@@ -65390,21 +65390,21 @@ CVE-2017-3973
 CVE-2017-3972 (Infrastructure-based foot printing vulnerability in the web 
interface ...)
        NOT-FOR-US: McAfee
 CVE-2017-3971 (Cryptanalysis vulnerability in the web interface in McAfee 
Network ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2017-3970
        RESERVED
 CVE-2017-3969 (Abuse of communication channels vulnerability in the server in 
McAfee ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2017-3968
        RESERVED
 CVE-2017-3967 (Target influence via framing vulnerability in the web interface 
in ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2017-3966 (Exploitation of session variables, resource IDs and other 
trusted ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2017-3965 (Cross-Site Request Forgery (CSRF) (aka Session Riding) 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2017-3964 (Reflective Cross-Site Scripting (XSS) vulnerability in the web 
...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2017-3963
        REJECTED
 CVE-2017-3962
@@ -71671,7 +71671,7 @@ CVE-2017-1774 (IBM Security Guardium Big Data 
Intelligence (SonarG) 3.1 disclose
 CVE-2017-1773 (IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an 
attacker ...)
        NOT-FOR-US: IBM DataPower Gateways
 CVE-2017-1772 (IBM Worklight (IBM MobileFirst Platform Foundation 6.3, 7.0, 
7.1, and ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2017-1771
        RESERVED
 CVE-2017-1770
@@ -71749,7 +71749,7 @@ CVE-2017-1735
 CVE-2017-1734
        RESERVED
 CVE-2017-1733 (IBM QRadar 7.3 stores potentially sensitive information in log 
files ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2017-1732
        RESERVED
 CVE-2017-1731 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could 
provide ...)
@@ -71967,7 +71967,7 @@ CVE-2017-1626
 CVE-2017-1625 (IBM Pulse for QRadar 1.0.0 - 1.0.3 discloses sensitive 
information to ...)
        NOT-FOR-US: IBM
 CVE-2017-1624 (IBM QRadar 7.3 and 7.3.1 specifies permissions for a 
security-critical ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2017-1623 (IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. 
This ...)
        NOT-FOR-US: IBM QRadar
 CVE-2017-1622
@@ -79270,15 +79270,15 @@ CVE-2016-8489
        RESERVED
        NOT-FOR-US: Qualcomm components for Android
 CVE-2016-8488 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2016-8487 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2016-8486 (An information disclosure vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2016-8485 (An information disclosure vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2016-8484 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2016-8483 (An information disclosure vulnerability in the Qualcomm power 
driver ...)
        NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8482
@@ -126180,7 +126180,7 @@ CVE-2015-1977 (Directory traversal vulnerability in 
the Web Administration tool 
 CVE-2015-1976 (IBM Security Directory Server could allow an authenticated user 
to ...)
        NOT-FOR-US: IBM
 CVE-2015-1975 (The web administration tool in IBM Tivoli Security Directory 
Server ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2015-1974 (The web administration tool in IBM Tivoli Security Directory 
Server ...)
        NOT-FOR-US: IBM
 CVE-2015-1973



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3d0ad7fde11babd351d2f44d8b6cc9809bb8b14

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3d0ad7fde11babd351d2f44d8b6cc9809bb8b14
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to