[Secure-testing-commits] r36173 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Aug 19 14:52:38 UTC 2015
Author: jmm
Date: 2015-08-19 14:52:37 +0000 (Wed, 19 Aug 2015)
New Revision: 36173
Modified:
data/CVE/list
Log:
mark as NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-19 14:45:09 UTC (rev 36172)
+++ data/CVE/list 2015-08-19 14:52:37 UTC (rev 36173)
@@ -6919,9 +6919,10 @@
CVE-2015-3718 (systemstatsd in the System Stats subsystem in Apple OS X before ...)
NOT-FOR-US: Apple OS X
CVE-2015-3717 (Multiple buffer overflows in the printf functionality in SQLite, as ...)
- - sqlite3 <undetermined>
- NOTE: Might be an Apple-specific CVE
- NOTE: sqlite-dev thread https://groups.google.com/forum/#!topic/sqlite-dev/U7OjAbZO6LA
+ NOT-FOR-US: sqlite as shipped in iOS
+ NOTE: Fix for sqlite in iOS, upstream doesn't know whether it affects the standard
+ NOTE: code base, but Apple would probably have submitted a patch if that were the case
+ NOTE: sqlite-dev thread: https://groups.google.com/forum/#!topic/sqlite-dev/U7OjAbZO6LA
CVE-2015-3716 (Spotlight in Apple OS X before 10.10.4 allows attackers to execute ...)
NOT-FOR-US: Apple OS X
CVE-2015-3715 (The code-signing implementation in Apple OS X before 10.10.4 does not ...)
More information about the Secure-testing-commits
mailing list