[Secure-testing-commits] r36755 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Sep 19 15:04:22 UTC 2015 

Author: carnil
Date: 2015-09-19 15:04:22 +0000 (Sat, 19 Sep 2015)
New Revision: 36755

Modified:
   data/CVE/list
Log:
Process another batch of NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-09-19 13:50:26 UTC (rev 36754)
+++ data/CVE/list	2015-09-19 15:04:22 UTC (rev 36755)
@@ -3066,7 +3066,7 @@
 CVE-2015-5917
 	RESERVED
 CVE-2015-5916 (The Apple Pay component in Apple iOS before 9 allows remote terminals ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5915
 	RESERVED
 CVE-2015-5914
@@ -3074,7 +3074,7 @@
 CVE-2015-5913
 	RESERVED
 CVE-2015-5912 (The CFNetwork FTPProtocol component in Apple iOS before 9 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5911 (Multiple unspecified vulnerabilities in Twisted in Wiki Server in ...)
 	TODO: check
 CVE-2015-5910 (IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server ...)
@@ -3088,11 +3088,11 @@
 CVE-2015-5906 (The HTML form implementation in WebKit in Apple iOS before 9 does not ...)
 	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2015-5905 (Safari in Apple iOS before 9 allows remote attackers to spoof the ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5904 (Safari in Apple iOS before 9 allows remote attackers to spoof the ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5903 (The kernel in Apple iOS before 9 allows local users to gain privileges ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5902
 	RESERVED
 CVE-2015-5901
@@ -3100,21 +3100,21 @@
 CVE-2015-5900
 	RESERVED
 CVE-2015-5899 (libpthread in the kernel in Apple iOS before 9 allows local users to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5898 (CFNetwork in Apple iOS before 9 relies on the hardware UID for its ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5897
 	RESERVED
 CVE-2015-5896 (The kernel in Apple iOS before 9 allows local users to gain privileges ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5895 (Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5894
 	RESERVED
 CVE-2015-5893
 	RESERVED
 CVE-2015-5892 (Siri in Apple iOS before 9 allows physically proximate attackers to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5891
 	RESERVED
 CVE-2015-5890
@@ -3128,29 +3128,29 @@
 CVE-2015-5886
 	RESERVED
 CVE-2015-5885 (The CFNetwork Cookies component in Apple iOS before 9 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5884
 	RESERVED
 CVE-2015-5883
 	RESERVED
 CVE-2015-5882 (The processor_set_tasks API implementation in Apple iOS before 9 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5881
 	RESERVED
 CVE-2015-5880 (CoreAnimation in Apple iOS before 9 allows attackers to bypass ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5879 (XNU in the kernel in Apple iOS before 9 does not properly validate the ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5878
 	RESERVED
 CVE-2015-5877
 	RESERVED
 CVE-2015-5876 (dyld in Dev Tools in Apple iOS before 9 allows attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5875
 	RESERVED
 CVE-2015-5874 (CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5873
 	RESERVED
 CVE-2015-5872
@@ -3160,11 +3160,11 @@
 CVE-2015-5870
 	RESERVED
 CVE-2015-5869 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5868 (The kernel in Apple iOS before 9 allows local users to gain privileges ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5867 (IOHIDFamily in Apple iOS before 9 allows attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5866
 	RESERVED
 CVE-2015-5865
@@ -3172,21 +3172,21 @@
 CVE-2015-5864
 	RESERVED
 CVE-2015-5863 (IOStorageFamily in Apple iOS before 9 does not properly initialize an ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5862 (The Audio component in Apple iOS before 9 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5861 (SpringBoard in Apple iOS before 9 allows physically proximate ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5860 (The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5859
 	RESERVED
 CVE-2015-5858 (The CFNetwork HTTPProtocol component in Apple iOS before 9 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5857 (Mail in Apple iOS before 9 allows remote attackers to use an ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5856 (The Application Store component in Apple iOS before 9 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5855 (Apple iOS before 9 allows attackers to discover the e-mail address of ...)
 	TODO: check
 CVE-2015-5854
@@ -3196,51 +3196,51 @@
 CVE-2015-5852
 	RESERVED
 CVE-2015-5851 (The convenience initializer in the Multipeer Connectivity component in ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5850 (AppleKeyStore in Apple iOS before 9 allows physically proximate ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5849
 	RESERVED
 CVE-2015-5848 (IOAcceleratorFamily in Apple iOS before 9 allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5847 (The Disk Images component in Apple iOS before 9 allows local users to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5846 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5845 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5844 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5843 (IOMobileFrameBuffer in Apple iOS before 9 allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5842 (XNU in the kernel in Apple iOS before 9 does not properly initialize ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5841 (The CFNetwork Proxies component in Apple iOS before 9 does not ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5840 (The checkint division routines in removefile in Apple iOS before 9 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5839 (dyld in Apple iOS before 9 allows attackers to bypass a code-signing ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5838 (SpringBoard in Apple iOS before 9 does not properly restrict access to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5837 (PluginKit in Apple iOS before 9 allows attackers to bypass an intended ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5836
 	RESERVED
 CVE-2015-5835 (Apple iOS before 9 allows attackers to obtain sensitive information ...)
 	TODO: check
 CVE-2015-5834 (IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5833
 	RESERVED
 CVE-2015-5832 (The iTunes Store component in Apple iOS before 9 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5831 (NetworkExtension in the kernel in Apple iOS before 9 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5830
 	RESERVED
 CVE-2015-5829 (Data Detectors Engine in Apple iOS before 9 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5828
 	RESERVED
 CVE-2015-5827 (WebKit in Apple iOS before 9 allows remote attackers to bypass the ...)
@@ -3250,7 +3250,7 @@
 CVE-2015-5825 (WebKit in Apple iOS before 9 does not properly restrict the ...)
 	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2015-5824 (The NSURL implementation in the CFNetwork SSL component in Apple iOS ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5823 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes ...)
 	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2015-5822 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes ...)
@@ -3322,7 +3322,7 @@
 CVE-2015-5789 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
 	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2015-5788 (The WebKit Canvas implementation in Apple iOS before 9 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5787
 	RESERVED
 CVE-2015-5786 (Apple QuickTime before 7.7.8 allows remote attackers to execute ...)
@@ -3346,7 +3346,7 @@
 CVE-2015-5777 (CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-5776 (Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5775 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-5774 (Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X ...)
@@ -3364,13 +3364,13 @@
 CVE-2015-5768 (AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-5767 (The user interface in Safari in Apple iOS before 9 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5766 (Directory traversal vulnerability in Air Traffic in Apple iOS before ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-5765 (The user interface in Safari in Apple iOS before 9 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5764 (The user interface in Safari in Apple iOS before 9 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5763 (ntfs in Apple OS X before 10.10.5 allows local users to gain ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-5762
@@ -3384,7 +3384,7 @@
 CVE-2015-5758 (ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-5757 (libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-5756 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-5755 (CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
@@ -8667,31 +8667,31 @@
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11036
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-12.html
 CVE-2015-3807 (libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-3806 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...)
 	TODO: check
 CVE-2015-3805 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-3804 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-3803 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-3802 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-3801 (The document.cookie API implementation in the CFNetwork Cookies ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-3800 (The DiskImages component in Apple iOS before 8.4.1 and OS X before ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-3799 (The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-3798 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-3797 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-3796 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-3795 (libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-3794 (The Speech UI in Apple OS X before 10.10.5, when speech alerts are ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-3793 (CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the ...)
@@ -8725,7 +8725,7 @@
 CVE-2015-3779 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
 	NOT-FOR-US: QuickTime
 CVE-2015-3778 (bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-3777 (Multiple buffer overflows in blued in the Bluetooth subsystem in Apple ...)
 	NOT-FOR-US: Apple OS X
 CVE-2015-3776 (IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
@@ -23201,7 +23201,7 @@
 	[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS)
 	NOTE: https://security.FreeBSD.org/advisories/FreeBSD-SA-15:02.kmem.asc
 CVE-2014-8611 (The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-8610 (AndroidManifest.xml in Android before 5.0.0 does not require the ...)
 	NOT-FOR-US: Android
 CVE-2014-8609 (The addAccount method in ...)

More information about the Secure-testing-commits mailing list