[Secure-testing-commits] r57635 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Nov 14 20:29:22 UTC 2017 

Author: jmm
Date: 2017-11-14 20:29:22 +0000 (Tue, 14 Nov 2017)
New Revision: 57635

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-14 20:26:40 UTC (rev 57634)
+++ data/CVE/list	2017-11-14 20:29:22 UTC (rev 57635)
@@ -19,9 +19,9 @@
 	[jessie] - tcpdump <postponed> (Can be fixed along in a future update)
 	NOTE: https://github.com/the-tcpdump-group/tcpdump/issues/645
 CVE-2017-16807 (A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, ...)
-	TODO: check
+	NOT-FOR-US: Kirby Panel
 CVE-2017-16806 (The Process function in RemoteTaskServer/WebServer/HttpServer.cs in ...)
-	TODO: check
+	NOT-FOR-US: Ulterius
 CVE-2017-16805 (In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a ...)
 	- radare2 <unfixed>
 	NOTE: https://github.com/radare/radare2/commit/2ca9ab45891b6ae8e32b6c28c81eebca059cbe5d
@@ -8270,7 +8270,7 @@
 	NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
 	NOTE: Not covered by security support
 CVE-2017-13797 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
-	TODO: check
+	NOT-FOR-US: Apple-specific Webkit change (since not mentioned in webkitgtk releases)
 CVE-2017-13796 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
 	- webkit2gtk 2.18.1-1 (unimportant)
 	NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
@@ -8296,9 +8296,9 @@
 	NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
 	NOTE: Not covered by security support
 CVE-2017-13790 (An issue was discovered in certain Apple products. Safari before ...)
-	TODO: check
+	NOT-FOR-US: Apple Safari
 CVE-2017-13789 (An issue was discovered in certain Apple products. Safari before ...)
-	TODO: check
+	NOT-FOR-US: Apple Safari
 CVE-2017-13788 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
 	- webkit2gtk 2.18.3-1 (unimportant)
 	NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
@@ -38589,7 +38589,7 @@
 CVE-2017-3768
 	RESERVED
 CVE-2017-3767 (A local privilege escalation vulnerability was identified in the ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3766
 	RESERVED
 CVE-2017-3765
@@ -44865,7 +44865,7 @@
 CVE-2017-1478
 	RESERVED
 CVE-2017-1477 (IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1476
 	RESERVED
 CVE-2017-1475

More information about the Secure-testing-commits mailing list