[Secure-testing-commits] r48270 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sun Jan 22 10:19:31 UTC 2017 

Author: jmm
Date: 2017-01-22 10:19:30 +0000 (Sun, 22 Jan 2017)
New Revision: 48270

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-22 09:58:31 UTC (rev 48269)
+++ data/CVE/list	2017-01-22 10:19:30 UTC (rev 48270)
@@ -12176,18 +12176,18 @@
 CVE-2017-0391 (A denial of service vulnerability in decoder/ihevcd_decode.c in ...)
 	TODO: check
 CVE-2017-0390 (A denial of service vulnerability in Tremolo/dpen.s in Mediaserver ...)
-	TODO: check
+	NOT-FOR-US: Android Mediaserver
 CVE-2017-0389 (A denial of service vulnerability in core networking could enable a ...)
 	TODO: check
 CVE-2017-0388 (An elevation of privilege vulnerability in the External Storage ...)
 	TODO: check
 CVE-2017-0387 (An elevation of privilege vulnerability in Mediaserver could enable a ...)
-	TODO: check
+	NOT-FOR-US: Android Mediaserver
 CVE-2017-0386 (An elevation of privilege vulnerability in the libnl library could ...)
 	- libnl3 <not-affected> (Specific to Android's use of libnl)
 	NOTE: https://github.com/thom311/libnl/issues/124
 CVE-2017-0385 (An elevation of privilege vulnerability in Audioserver could enable a ...)
-	TODO: check
+	NOT-FOR-US: Android Audioserver
 CVE-2017-0384 (An elevation of privilege vulnerability in ...)
 	TODO: check
 CVE-2017-0383 (An elevation of privilege vulnerability in the Framework APIs could ...)
@@ -12304,15 +12304,15 @@
 CVE-2016-9681 (Multiple cross-site scripting (XSS) vulnerabilities in Serendipity ...)
 	- serendipity <removed>
 CVE-2016-9680 (Citrix Provisioning Services before 7.12 allows attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2016-9679 (Citrix Provisioning Services before 7.12 allows attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2016-9678 (Use-after-free vulnerability in Citrix Provisioning Services before ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2016-9677 (Citrix Provisioning Services before 7.12 allows attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2016-9676 (Buffer overflow in Citrix Provisioning Services before 7.12 allows ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2016-9674
 	RESERVED
 CVE-2016-9673
@@ -14215,7 +14215,7 @@
 CVE-2016-9248
 	RESERVED
 CVE-2016-9247 (Under certain conditions for BIG-IP systems using a virtual server ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2016-9246
 	RESERVED
 CVE-2016-9245
@@ -16767,11 +16767,11 @@
 CVE-2016-8411
 	RESERVED
 CVE-2016-8410 (An information disclosure vulnerability in the Qualcomm sound driver ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8409 (An information disclosure vulnerability in the NVIDIA video driver ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA driver for Android
 CVE-2016-8408 (An information disclosure vulnerability in the NVIDIA video driver ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA driver for Android
 CVE-2016-8407 (An information disclosure vulnerability in kernel components including ...)
 	TODO: check
 CVE-2016-8406 (An information disclosure vulnerability in kernel components including ...)
@@ -16787,7 +16787,7 @@
 CVE-2016-8401 (An information disclosure vulnerability in kernel components including ...)
 	TODO: check
 CVE-2016-8400 (An information disclosure vulnerability in the NVIDIA librm library ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA driver for Android
 CVE-2016-8399 (An elevation of privilege vulnerability in the kernel networking ...)
 	{DLA-772-1}
 	- linux 4.8.15-1
@@ -16796,19 +16796,19 @@
 CVE-2016-8398 (Unauthenticated messages processed by the UE. Certain NAS messages are ...)
 	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8397 (An information disclosure vulnerability in the NVIDIA video driver ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA driver for Android
 CVE-2016-8396 (An information disclosure vulnerability in the MediaTek video driver ...)
 	TODO: check
 CVE-2016-8395 (A denial of service vulnerability in the NVIDIA camera driver could ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA driver for Android
 CVE-2016-8394 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
 	TODO: check
 CVE-2016-8393 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
 	TODO: check
 CVE-2016-8392 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8391 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-1000246
 	RESERVED
 CVE-2016-1000245

More information about the Secure-testing-commits mailing list