[Secure-testing-commits] r38514 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Dec 24 10:19:55 UTC 2015 

Author: carnil
Date: 2015-12-24 10:19:55 +0000 (Thu, 24 Dec 2015)
New Revision: 38514

Modified:
   data/CVE/list
Log:
Mark some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-24 09:56:01 UTC (rev 38513)
+++ data/CVE/list	2015-12-24 10:19:55 UTC (rev 38514)
@@ -6622,15 +6622,15 @@
 CVE-2015-7111 (The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
 	TODO: check
 CVE-2015-7110 (The Disk Images component in Apple OS X before 10.11.2 and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7109 (IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7108 (The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7107 (QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows ...)
 	TODO: check
 CVE-2015-7106 (The Intel Graphics Driver component in Apple OS X before 10.11.2 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7105 (CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
 	TODO: check
 CVE-2015-7104 (WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote ...)
@@ -6686,11 +6686,11 @@
 CVE-2015-7079 (dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment ...)
 	TODO: check
 CVE-2015-7078 (Use-after-free vulnerability in Hypervisor in Apple OS X before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7077 (The Intel Graphics Driver component in Apple OS X before 10.11.2 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7076 (The Intel Graphics Driver component in Apple OS X before 10.11.2 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7075 (CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
 	TODO: check
 CVE-2015-7074 (CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and ...)
@@ -6700,7 +6700,7 @@
 CVE-2015-7072 (dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 ...)
 	TODO: check
 CVE-2015-7071 (The File Bookmark component in Apple OS X before 10.11.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7070 (Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows ...)
 	TODO: check
 CVE-2015-7069 (Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows ...)
@@ -6708,7 +6708,7 @@
 CVE-2015-7068 (IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
 	TODO: check
 CVE-2015-7067 (IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7066 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
 	TODO: check
 CVE-2015-7065 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before ...)
@@ -6716,15 +6716,15 @@
 CVE-2015-7064 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
 	TODO: check
 CVE-2015-7063 (The kernel loader in EFI in Apple OS X before 10.11.2 allows local ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7062 (Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7061 (The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7060 (The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7059 (The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7058 (Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 ...)
 	TODO: check
 CVE-2015-7057 (otools in Apple Xcode before 7.2 allows local users to gain privileges ...)
@@ -6738,7 +6738,7 @@
 CVE-2015-7053 (ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
 	TODO: check
 CVE-2015-7052 (kext tools in Apple OS X before 10.11.2 mishandles kernel-extension ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7051 (MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 ...)
 	TODO: check
 CVE-2015-7050 (WebKit in Apple iOS before 9.2 and Safari before 9.0.2 misparses ...)
@@ -6752,9 +6752,9 @@
 CVE-2015-7046 (The Sandbox feature in xnu in Apple iOS before 9.2, OS X before ...)
 	TODO: check
 CVE-2015-7045 (Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7044 (The System Integrity Protection feature in Apple OS X before 10.11.2 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7043 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
 	TODO: check
 CVE-2015-7042 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
@@ -11426,7 +11426,7 @@
 	NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html
 	NOTE: http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=6056396f77cafc7e40da4d09f1d6212408dcb065
 CVE-2015-5308 (Multiple SQL injection vulnerabilities in cs_admin_users.php in the ...)
-	TODO: check
+	NOT-FOR-US: wp-championship plugin for WordPress
 CVE-2015-5307 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x ...)
 	{DSA-3414-1 DSA-3396-1}
 	- linux 4.2.6-1
@@ -58180,7 +58180,7 @@
 CVE-2013-5230
 	RESERVED
 CVE-2013-5229 (The Remote Desktop full-screen feature in Apple OS X before 10.9 and ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2013-5228 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, ...)
 	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2013-5227 (Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers ...)

More information about the Secure-testing-commits mailing list