[Secure-testing-commits] r38582 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Dec 28 12:41:40 UTC 2015 

Author: carnil
Date: 2015-12-28 12:41:40 +0000 (Mon, 28 Dec 2015)
New Revision: 38582

Modified:
   data/CVE/list
Log:
Mark some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-28 12:39:32 UTC (rev 38581)
+++ data/CVE/list	2015-12-28 12:41:40 UTC (rev 38582)
@@ -6711,11 +6711,11 @@
 CVE-2015-7114
 	RESERVED
 CVE-2015-7113 (The LaunchServices component in Apple iOS before 9.2 and watchOS ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7112 (The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7111 (The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7110 (The Disk Images component in Apple OS X before 10.11.2 and tvOS before ...)
 	NOT-FOR-US: Apple
 CVE-2015-7109 (IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 ...)
@@ -6723,35 +6723,35 @@
 CVE-2015-7108 (The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local ...)
 	NOT-FOR-US: Apple
 CVE-2015-7107 (QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7106 (The Intel Graphics Driver component in Apple OS X before 10.11.2 ...)
 	NOT-FOR-US: Apple
 CVE-2015-7105 (CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7104 (WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote ...)
 	TODO: check
 CVE-2015-7103 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7102 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7101 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7100 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7099 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7098 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7097 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7096 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7095 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7094 (CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7093 (Safari in Apple iOS before 9.2 allows remote attackers to spoof a URL ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7092
 	RESERVED
 CVE-2015-7091
@@ -6769,9 +6769,9 @@
 CVE-2015-7085
 	RESERVED
 CVE-2015-7084 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7083 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7082 (Multiple unspecified vulnerabilities in Git before 2.5.4, as used in ...)
 	TODO: check
 CVE-2015-7081 (iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote ...)
@@ -6779,7 +6779,7 @@
 CVE-2015-7080 (Siri in Apple iOS before 9.2 allows physically proximate attackers to ...)
 	NOT-FOR-US: Apple
 CVE-2015-7079 (dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7078 (Use-after-free vulnerability in Hypervisor in Apple OS X before ...)
 	NOT-FOR-US: Apple
 CVE-2015-7077 (The Intel Graphics Driver component in Apple OS X before 10.11.2 ...)
@@ -6787,29 +6787,29 @@
 CVE-2015-7076 (The Intel Graphics Driver component in Apple OS X before 10.11.2 ...)
 	NOT-FOR-US: Apple
 CVE-2015-7075 (CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7074 (CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7073 (Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7072 (dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7071 (The File Bookmark component in Apple OS X before 10.11.2 allows ...)
 	NOT-FOR-US: Apple
 CVE-2015-7070 (Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7069 (Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7068 (IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7067 (IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to ...)
 	NOT-FOR-US: Apple
 CVE-2015-7066 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7065 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7064 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7063 (The kernel loader in EFI in Apple OS X before 10.11.2 allows local ...)
 	NOT-FOR-US: Apple
 CVE-2015-7062 (Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to ...)
@@ -6821,51 +6821,51 @@
 CVE-2015-7059 (The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and ...)
 	NOT-FOR-US: Apple
 CVE-2015-7058 (Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7057 (otools in Apple Xcode before 7.2 allows local users to gain privileges ...)
 	TODO: check
 CVE-2015-7056 (IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, ...)
 	TODO: check
 CVE-2015-7055 (AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7054 (zlib in the Compression component in Apple iOS before 9.2, OS X before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7053 (ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7052 (kext tools in Apple OS X before 10.11.2 mishandles kernel-extension ...)
 	NOT-FOR-US: Apple
 CVE-2015-7051 (MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7050 (WebKit in Apple iOS before 9.2 and Safari before 9.0.2 misparses ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7049 (otools in Apple Xcode before 7.2 allows local users to gain privileges ...)
 	TODO: check
 CVE-2015-7048 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7047 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7046 (The Sandbox feature in xnu in Apple iOS before 9.2, OS X before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7045 (Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 ...)
 	NOT-FOR-US: Apple
 CVE-2015-7044 (The System Integrity Protection feature in Apple OS X before 10.11.2 ...)
 	NOT-FOR-US: Apple
 CVE-2015-7043 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7042 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7041 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7040 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7039 (Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7038 (Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7037 (Directory traversal vulnerability in Mobile Backup in Photos in Apple ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7036 (The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7035 (Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and ...)
 	TODO: check
 CVE-2015-7034 (The Apple iWork application before 2.6 for iOS and Apple Pages before ...)
@@ -6935,7 +6935,7 @@
 CVE-2015-7002 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
 	NOT-FOR-US: Apple
 CVE-2015-7001 (AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-7000 (Notification Center in Apple iOS before 9.1 mishandles changes to ...)
 	NOT-FOR-US: Apple
 CVE-2015-6999 (The OCSP client in Apple iOS before 9.1 does not check for certificate ...)
@@ -9694,7 +9694,7 @@
 CVE-2015-5924 (The OpenGL implementation in Apple iOS before 9.1 and OS X before ...)
 	NOT-FOR-US: Apple
 CVE-2015-5923 (Apple iOS before 9.0.2 does not properly restrict the options ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5922 (Unspecified vulnerability in International Components for Unicode ...)
 	NOT-FOR-US: Apple
 CVE-2015-5921 (WebKit in Apple iOS before 9 mishandles "Content-Disposition: ...)
@@ -9822,7 +9822,7 @@
 CVE-2015-5860 (The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles ...)
 	NOT-FOR-US: Apple
 CVE-2015-5859 (The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5858 (The CFNetwork HTTPProtocol component in Apple iOS before 9 allows ...)
 	NOT-FOR-US: Apple
 CVE-2015-5857 (Mail in Apple iOS before 9 allows remote attackers to use an ...)
@@ -9966,7 +9966,7 @@
 CVE-2015-5788 (The WebKit Canvas implementation in Apple iOS before 9 allows remote ...)
 	NOT-FOR-US: Apple
 CVE-2015-5787 (The kernel in Apple iOS before 8.4.1 does not properly restrict ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5786 (Apple QuickTime before 7.7.8 allows remote attackers to execute ...)
 	NOT-FOR-US: Apple
 CVE-2015-5785 (Apple QuickTime before 7.7.8 allows remote attackers to execute ...)

More information about the Secure-testing-commits mailing list