[Secure-testing-commits] r50271 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Apr 3 04:50:01 UTC 2017 

Author: carnil
Date: 2017-04-03 04:50:01 +0000 (Mon, 03 Apr 2017)
New Revision: 50271

Modified:
   data/CVE/list
Log:
More CVE related to Apple advisories processed

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-03 04:33:02 UTC (rev 50270)
+++ data/CVE/list	2017-04-03 04:50:01 UTC (rev 50271)
@@ -13823,9 +13823,9 @@
 CVE-2017-2491
 	RESERVED
 CVE-2017-2490 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
-	TODO: check
+	NOT-FOR-US: Apple involving Kernel component
 CVE-2017-2489 (An issue was discovered in certain Apple products. macOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple involving Intel Graphics Driver
 CVE-2017-2488
 	RESERVED
 CVE-2017-2487 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
@@ -13850,7 +13850,7 @@
 	NOT-FOR-US: Apple involving Kernel component
 CVE-2017-2477 (An issue was discovered in certain Apple products. macOS before ...)
 	- libxslt <undetermined>
-	TODO: check
+	NOTE: contacted Apple for more information, but no reply for quite a while
 CVE-2017-2476 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
 	TODO: check, possibly webkit2gtk
 CVE-2017-2475 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
@@ -13924,22 +13924,23 @@
 CVE-2017-2441 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
 	NOT-FOR-US: Apple libc++abi component
 CVE-2017-2440 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
-	TODO: check
+	NOT-FOR-US: Apple involving Kernel component
 CVE-2017-2439 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
-	TODO: check
+	NOT-FOR-US: Apple involving FontParser component
 CVE-2017-2438 (An issue was discovered in certain Apple products. macOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple involving AppleRAID component
 CVE-2017-2437 (An issue was discovered in certain Apple products. macOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple involving IOFireWireAVC component
 CVE-2017-2436 (An issue was discovered in certain Apple products. macOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple involving IOFireWireAVC component
 CVE-2017-2435 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
-	TODO: check
+	NOT-FOR-US: Apple involving CoreText component
 CVE-2017-2434 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
-	TODO: check
+	NOT-FOR-US: Apple involving HomeKit component
 CVE-2017-2433 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
-	TODO: check
+	TODO: check, possibly webkit2gtk
 CVE-2017-2432 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+	NOT-FOR-US: Apple involving ImageIO component
 	TODO: check
 CVE-2017-2431 (An issue was discovered in certain Apple products. macOS before ...)
 	TODO: check

More information about the Secure-testing-commits mailing list