[Secure-testing-commits] r48155 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Jan 18 12:52:01 UTC 2017


Author: jmm
Date: 2017-01-18 12:52:01 +0000 (Wed, 18 Jan 2017)
New Revision: 48155

Modified:
   data/CVE/list
Log:
add affected versions for mariadb
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-18 11:35:26 UTC (rev 48154)
+++ data/CVE/list	2017-01-18 12:52:01 UTC (rev 48155)
@@ -5420,6 +5420,7 @@
 	RESERVED
 CVE-2017-3324
 	RESERVED
+	NOT-FOR-US: Oracle Primavera
 CVE-2017-3323
 	RESERVED
 	NOT-FOR-US: MySQL Cluster
@@ -5441,11 +5442,15 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3318
 	RESERVED
+	- mariadb-10.1 <unfixed>
+	- mariadb-10.0 <unfixed>
 	- mysql-5.7 <unfixed> (bug #851235)
 	- mysql-5.6 <unfixed> (bug #851234)
 	- mysql-5.5 <removed> (bug #851233)
 CVE-2017-3317
 	RESERVED
+	- mariadb-10.1 <unfixed>
+	- mariadb-10.0 <unfixed>
 	- mysql-5.7 <unfixed> (bug #851235)
 	- mysql-5.6 <unfixed> (bug #851234)
 	- mysql-5.5 <removed> (bug #851233)
@@ -5465,6 +5470,8 @@
 	- mysql-5.5 <removed> (bug #851233)
 CVE-2017-3312
 	RESERVED
+	- mariadb-10.1 <unfixed>
+	- mariadb-10.0 <unfixed>
 	- mysql-5.7 <unfixed> (bug #851235)
 	- mysql-5.6 <unfixed> (bug #851234)
 	- mysql-5.5 <removed> (bug #851233)
@@ -5490,6 +5497,7 @@
 	RESERVED
 CVE-2017-3301
 	RESERVED
+	NOT-FOR-US: Solaris
 CVE-2017-3300
 	RESERVED
 CVE-2017-3299
@@ -5510,6 +5518,8 @@
 	RESERVED
 CVE-2017-3291
 	RESERVED
+	- mariadb-10.1 <unfixed>
+	- mariadb-10.0 <unfixed>
 	- mysql-5.7 <unfixed> (bug #851235)
 	- mysql-5.6 <unfixed> (bug #851234)
 	- mysql-5.5 <removed> (bug #851233)
@@ -5548,6 +5558,7 @@
 	RESERVED
 CVE-2017-3276
 	RESERVED
+	NOT-FOR-US: Solaris
 CVE-2017-3275
 	RESERVED
 CVE-2017-3274
@@ -5577,6 +5588,8 @@
 	RESERVED
 CVE-2017-3265
 	RESERVED
+	- mariadb-10.1 <unfixed>
+	- mariadb-10.0 <unfixed>
 	- mysql-5.7 <unfixed> (bug #851235)
 	- mysql-5.6 <unfixed> (bug #851234)
 	- mysql-5.5 <removed> (bug #851233)
@@ -5584,6 +5597,7 @@
 	RESERVED
 CVE-2017-3263
 	RESERVED
+	NOT-FOR-US: Oracle Primavera
 CVE-2017-3262
 	RESERVED
 	- openjdk-8 <unfixed>
@@ -5604,11 +5618,15 @@
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2017-3258
 	RESERVED
+	- mariadb-10.1 <unfixed>
+	- mariadb-10.0 <unfixed>
 	- mysql-5.7 <unfixed> (bug #851235)
 	- mysql-5.6 <unfixed> (bug #851234)
 	- mysql-5.5 <removed> (bug #851233)
 CVE-2017-3257
 	RESERVED
+	- mariadb-10.1 <unfixed>
+	- mariadb-10.0 <unfixed>
 	- mysql-5.7 <unfixed> (bug #851235)
 	- mysql-5.6 <unfixed> (bug #851234)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
@@ -5652,16 +5670,21 @@
 	RESERVED
 CVE-2017-3244
 	RESERVED
+	- mariadb-10.1 <unfixed>
+	- mariadb-10.0 <unfixed>
 	- mysql-5.7 <unfixed> (bug #851235)
 	- mysql-5.6 <unfixed> (bug #851234)
 	- mysql-5.5 <removed> (bug #851233)
 CVE-2017-3243
 	RESERVED
+	- mariadb-10.1 <unfixed>
+	- mariadb-10.0 <unfixed>
 	- mysql-5.7 <not-affected> (Only affects MySQL 5.5)
 	- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
 	- mysql-5.5 <removed> (bug #851233)
 CVE-2017-3242
 	RESERVED
+	NOT-FOR-US: Solaris
 CVE-2017-3241
 	RESERVED
 	- openjdk-8 <unfixed>
@@ -5674,6 +5697,8 @@
 	RESERVED
 CVE-2017-3238
 	RESERVED
+	- mariadb-10.1 <unfixed>
+	- mariadb-10.0 <unfixed>
 	- mysql-5.7 <unfixed> (bug #851235)
 	- mysql-5.6 <unfixed> (bug #851234)
 	- mysql-5.5 <removed> (bug #851233)
@@ -10222,6 +10247,7 @@
 	RESERVED
 CVE-2017-1182
 	RESERVED
+	NOT-FOR-US: Oracle Primavera
 CVE-2017-1181
 	RESERVED
 CVE-2017-1180
@@ -16789,6 +16815,7 @@
 	NOTE: From the backtrace shared in the report, we can see that the crash is triggered though the thumbnail tool which has been dropped upstream.
 CVE-2016-8330
 	RESERVED
+	NOT-FOR-US: Solaris
 CVE-2016-8329
 	RESERVED
 CVE-2016-8328
@@ -25871,6 +25898,7 @@
 	TODO: check
 CVE-2016-5590
 	RESERVED
+	NOT-FOR-US: MySQL Enterprise Monitor
 CVE-2016-5589 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
 	TODO: check
 CVE-2016-5588 (Unspecified vulnerability in the Oracle Outside In Technology ...)
@@ -43108,7 +43136,7 @@
 	NOTE: https://blogs.oracle.com/security/entry/security_alert_cve_2016_0636
 	NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/c44179bce874
 CVE-2016-0635 (Unspecified vulnerability in the Enterprise Manager Ops Center ...)
-	NOT-FOR-US: Oracle
+	NOT-FOR-US: MySQL Enterprise Monitor
 CVE-2016-0634 [bash prompt expanding return value from gethostname()]
 	RESERVED
 	- bash 4.4-1 (unimportant)




More information about the Secure-testing-commits mailing list