[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Thu, 05 Apr 2018 06:21:07 -0700

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
331c35ec by Moritz Muehlenhoff at 2018-04-05T15:20:04+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -36573,73 +36573,73 @@ CVE-2017-13309
 CVE-2017-13308
        RESERVED
 CVE-2017-13307 (A elevation of privilege vulnerability in the Upstream kernel 
pci ...)
-       TODO: check
+       NOT-FOR-US: Android kernel (no source release, so apparently not in 
mainline)
 CVE-2017-13306 (A elevation of privilege vulnerability in the Upstream kernel 
mnh ...)
-       TODO: check
+       NOT-FOR-US: Android kernel (no source release, so apparently not in 
mainline)
 CVE-2017-13305 (A information disclosure vulnerability in the Upstream kernel 
...)
-       TODO: check
+       NOT-FOR-US: Android kernel (no source release, so apparently not in 
mainline)
 CVE-2017-13304 (A information disclosure vulnerability in the Upstream kernel 
mnh_sm ...)
-       TODO: check
+       NOT-FOR-US: Android kernel (no source release, so apparently not in 
mainline)
 CVE-2017-13303 (A information disclosure vulnerability in the Broadcom bcmdhd 
driver. ...)
        NOT-FOR-US: Broadcom components for Android
 CVE-2017-13302 (A denial of service vulnerability in the Android system 
(system ui). ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13301 (A denial of service vulnerability in the Android system 
(system ui). ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13300 (A denial of service vulnerability in the Android media 
framework ...)
-       TODO: check
+       NOT-FOR-US: Android media framework
 CVE-2017-13299 (A other vulnerability in the Android media framework (libavc). 
...)
-       TODO: check
+       NOT-FOR-US: Android media framework
 CVE-2017-13298 (A information disclosure vulnerability in the Android media 
framework ...)
-       TODO: check
+       NOT-FOR-US: Android media framework
 CVE-2017-13297 (A information disclosure vulnerability in the Android media 
framework ...)
-       TODO: check
+       NOT-FOR-US: Android media framework
 CVE-2017-13296 (A information disclosure vulnerability in the Android media 
framework ...)
-       TODO: check
+       NOT-FOR-US: Android media framework
 CVE-2017-13295 (A denial of service vulnerability in the Android framework 
(package ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13294 (A information disclosure vulnerability in the Android 
framework (aosp ...)
        NOT-FOR-US: Android framework (aosp email application)
 CVE-2017-13293 (In the nfc_hci_cmd_received() function of core.c, there is a 
possible ...)
-       TODO: check
+       NOT-FOR-US: Android kernel (no source release, so apparently not in 
mainline)
 CVE-2017-13292 (In wl_get_assoc_ies of wl_cfg80211.c, there is a possible out 
of ...)
-       TODO: check
+       NOT-FOR-US: Broadcom components for Android
 CVE-2017-13291 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a 
possible ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13290 (In sdp_server_handle_client_req of sdp_server.cc, there is an 
out of ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13289 (In writeToParcel and createFromParcel of RttManager.java, 
there is a ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13288 (In writeToParcel and readFromParcel of 
PeriodicAdvertisingReport.java, ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13287 (In createFromParcel of VerifyCredentialResponse.java, there is 
a ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13286 (In writeToParcel and readFromParcel of 
OutputConfiguration.java, there ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13285 (In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, 
there is a ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13284 (In config_set_string of config.cc, it is possible to pair a 
second BT ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13283 (In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is 
a ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13282 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a 
possible ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13281 (In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a 
possible ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13280 (In the FrameSequence_gif::FrameSequence_gif function of ...)
-       TODO: check
+       NOT-FOR-US: Android media framework
 CVE-2017-13279 (In M3UParser::parse of M3UParser.cpp, there is a memory 
resource ...)
-       TODO: check
+       NOT-FOR-US: Android media framework
 CVE-2017-13278 (In MediaPlayerService::Client::notify of 
MediaPlayerService.cpp, there ...)
-       TODO: check
+       NOT-FOR-US: Android media framework
 CVE-2017-13277 (In ihevcd_fmt_conv of ihevcd_fmt_conv.c, there is a possible 
out of ...)
-       TODO: check
+       NOT-FOR-US: Android media framework
 CVE-2017-13276 (In CProgramConfig_ReadHeightExt of tpdec_asc.cpp, there is a 
possible ...)
-       TODO: check
+       NOT-FOR-US: Android media framework
 CVE-2017-13275 (In getVSCoverage of CmapCoverage.cpp, there is a possible out 
of ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13274 (In the getHost() function of UriTest.java, there is the 
possibility of ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13273 (In xt_qtaguid.c, there is a race condition due to insufficient 
...)
        NOT-FOR-US: Android
 CVE-2017-13272 (In alarm_ready_generic of alarm.cc, there is a possible out of 
bounds ...)
@@ -36653,7 +36653,7 @@ CVE-2017-13269 (A information disclosure vulnerability 
in the Android system ...
 CVE-2017-13268 (A information disclosure vulnerability in the Android system 
...)
        NOT-FOR-US: Android
 CVE-2017-13267 (In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a 
possible stack ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-13266 (In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a 
possible stack ...)
        NOT-FOR-US: Android
 CVE-2017-13265 (A elevation of privilege vulnerability in the Android system 
(OTA ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/331c35ec3763e1011dae4c75005ab716f7580813

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/331c35ec3763e1011dae4c75005ab716f7580813
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to