[Secure-testing-commits] r52346 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jun 6 05:14:15 UTC 2017


Author: carnil
Date: 2017-06-06 05:14:15 +0000 (Tue, 06 Jun 2017)
New Revision: 52346

Modified:
   data/CVE/list
Log:
Apple now confirmed that two CVEs are respective duplicates of already assigned CVEs for libxml2 respectively libxslt

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-06 05:11:23 UTC (rev 52345)
+++ data/CVE/list	2017-06-06 05:14:15 UTC (rev 52346)
@@ -42319,8 +42319,7 @@
 CVE-2016-4620 (The Sandbox Profiles component in Apple iOS before 10 does not ...)
 	NOT-FOR-US: Apple
 CVE-2016-4619 (libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
-	- libxml2 <undetermined>
-	NOTE: contacted Apple for more information, but no reply for quite a while
+	NOTE: To be REJECTED, Apple duplicate of CVE-2015-8317
 CVE-2016-4618 (Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS ...)
 	NOT-FOR-US: Apple
 CVE-2016-4617 (An issue was discovered in certain Apple products. macOS before 10.12 ...)
@@ -42337,8 +42336,7 @@
 CVE-2016-4613 (An issue was discovered in certain Apple products. Safari before ...)
 	NOT-FOR-US: Apple
 CVE-2016-4612 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
-	- libxslt <undetermined>
-	NOTE: contacted Apple for more information, but no reply for quite a while
+	NOTE: To be REJECTED, Apple duplicate of CVE-2016-1683
 CVE-2016-4611 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 ...)
 	NOT-FOR-US: Webkit as used by Apple
 CVE-2016-4610 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)




More information about the Secure-testing-commits mailing list