[Secure-testing-commits] r48930 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Feb 14 18:28:48 UTC 2017 

Author: jmm
Date: 2017-02-14 18:28:48 +0000 (Tue, 14 Feb 2017)
New Revision: 48930

Modified:
   data/CVE/list
Log:
"new" linux issues from Android
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-02-14 16:01:19 UTC (rev 48929)
+++ data/CVE/list	2017-02-14 18:28:48 UTC (rev 48930)
@@ -24743,7 +24743,7 @@
 CVE-2016-6498
 	RESERVED
 CVE-2016-6497 (main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP ...)
-	TODO: check
+	NOT-FOR-US: Groovy LDAP extension
 CVE-2016-6496 (The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x ...)
 	NOT-FOR-US: Atlassian Crowd
 CVE-2016-6525 (Heap-based buffer overflow in the pdf_load_mesh_params function in ...)
@@ -27207,81 +27207,81 @@
 CVE-2014-9901 (The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2014-9900 (The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel ...)
-	TODO: check
+ 	- linux <unfixed> (low)
 CVE-2014-9899 (drivers/usb/host/ehci-msm2.c in the Qualcomm components in Android ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9898 (arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9897 (sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm components in ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9896 (drivers/char/adsprpc.c in the Qualcomm components in Android before ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9895 (drivers/media/media-device.c in the Linux kernel before 3.11, as used ...)
-	TODO: check
+ 	- linux 3.11.5-1
 CVE-2014-9894 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9893 (drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm components in ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9892 (The snd_compr_tstamp function in sound/core/compress_offload.c in the ...)
-	TODO: check
+	- linux <unfixed>
 CVE-2014-9891 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9890 (Off-by-one error in ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9889 (drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9888 (arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM ...)
-	TODO: check
+ 	- linux 3.13.4-1
 CVE-2014-9887 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9886 (arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9885 (Format string vulnerability in drivers/thermal/qpnp-adc-tm.c in the ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9884 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9883 (Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9882 (Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9881 (drivers/media/radio/radio-iris.c in the Qualcomm components in Android ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9880 (drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9879 (The mdss mdp3 driver in the Qualcomm components in Android before ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9878 (drivers/mmc/card/mmc_block_test.c in the Qualcomm components in ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9877 (drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9876 (drivers/char/diag/diagfwd.c in the Qualcomm components in Android ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9875 (drivers/char/diag/diag_dci.c in the Qualcomm components in Android ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9874 (Buffer overflow in the Qualcomm components in Android before ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9873 (Integer underflow in drivers/char/diag/diag_dci.c in the Qualcomm ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9872 (The diag driver in the Qualcomm components in Android before ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9871 (Multiple buffer overflows in ...)
 	TODO: check
 CVE-2014-9870 (The Linux kernel before 3.11 on ARM platforms, as used in Android ...)
 	TODO: check
 CVE-2014-9869 (drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c in the ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9868 (drivers/media/platform/msm/camera_v2/sensor/csiphy/msm_csiphy.c in the ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9867 (drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9866 (drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9865 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9864 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2014-9863 (Integer underflow in the diag driver in the Qualcomm components in ...)
-	TODO: check
+ 	- linux <not-affected> (Android-specific driver)
 CVE-2016-5844 (Integer overflow in the ISO parser in libarchive before 3.2.1 allows ...)
 	{DSA-3657-1 DLA-554-1}
 	- libarchive 3.2.1-1
@@ -27689,7 +27689,7 @@
 CVE-2016-5637 (The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 ...)
 	NOTE: No further information provided, but this is very likely a dupe of CVE-2016-8710
 CVE-2016-1000003 (Mirror Manager version 0.7.2 and older is vulnerable to remote code ...)
-	TODO: check
+	NOT-FOR-US: Fedora Mirror Manager
 CVE-2016-5727 (LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote ...)
 	NOT-FOR-US: Simple Machines Forum
 CVE-2016-5726 (Packages.php in Simple Machines Forum (SMF) 2.1 allows remote ...)

More information about the Secure-testing-commits mailing list