[Secure-testing-commits] r56926 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Oct 23 15:51:24 UTC 2017 

Author: jmm
Date: 2017-10-23 15:51:23 +0000 (Mon, 23 Oct 2017)
New Revision: 56926

Modified:
   data/CVE/list
Log:
NFUs
glassfish n/a
one more openjdk issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-23 13:17:53 UTC (rev 56925)
+++ data/CVE/list	2017-10-23 15:51:23 UTC (rev 56926)
@@ -10085,7 +10085,7 @@
 	NOTE: https://git.kernel.org/linus/9e3f7a29694049edd728e2400ab57ad7553e5aa9 (4.9-rc6)
 CVE-2017-12167
 	RESERVED
-	TODO: check, possibly Red Hat specific issue
+	NOT-FOR-US: Red Hat JBoss EAP
 CVE-2017-12166 (OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to ...)
 	- openvpn <unfixed> (bug #877089)
 	[stretch] - openvpn <no-dsa> (Minor issue)
@@ -15602,7 +15602,7 @@
 CVE-2017-10401 (Vulnerability in the Oracle Hospitality Cruise Materials Management ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10400 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
-	TODO: check
+	- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
 CVE-2017-10399 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10398 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
@@ -15616,13 +15616,13 @@
 CVE-2017-10394 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10393 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
-	TODO: check
+	- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
 CVE-2017-10392 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
 	- virtualbox 5.1.30-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
 	[wheezy] - virtualbox <end-of-life> (DSA 3454)
 CVE-2017-10391 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
-	TODO: check
+	- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
 CVE-2017-10390
 	RESERVED
 CVE-2017-10389 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
@@ -15638,7 +15638,7 @@
 CVE-2017-10386 (Vulnerability in the Java Advanced Management Console component of ...)
 	NOT-FOR-US: Java Advanced Management Console
 CVE-2017-10385 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
-	TODO: check
+	- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
 CVE-2017-10384 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	{DSA-4002-1 DLA-1141-1}
 	- mysql-5.7 <unfixed> (bug #878398)
@@ -15884,7 +15884,10 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10293 (Vulnerability in the Java SE component of Oracle Java SE ...)
-	TODO: probably specific to Oracle Java
+	- openjdk-8 <unfixed>
+	- openjdk-7 <removed>
+	- openjdk-6 <removed>
+	[wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10292 (Vulnerability in the RDBMS Security component of Oracle Database ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10291
@@ -25502,27 +25505,27 @@
 	NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
 	NOTE: Not covered by security support
 CVE-2017-7110 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7109 (An issue was discovered in certain Apple products. iOS before 11 is ...)
 	- webkit2gtk 2.18.1-1 (unimportant)
 	NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
 	NOTE: Not covered by security support
 CVE-2017-7108 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7107 (An issue was discovered in certain Apple products. iOS before 11 is ...)
 	- webkit2gtk 2.18.1-1 (unimportant)
 	NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
 	NOTE: Not covered by security support
 CVE-2017-7106 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7105 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7104 (An issue was discovered in certain Apple products. iOS before 11 is ...)
 	- webkit2gtk 2.18.1-1 (unimportant)
 	NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
 	NOTE: Not covered by security support
 CVE-2017-7103 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7102 (An issue was discovered in certain Apple products. iOS before 11 is ...)
 	- webkit2gtk 2.18.1-1 (unimportant)
 	NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
@@ -25542,7 +25545,7 @@
 	NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
 	NOTE: Not covered by security support
 CVE-2017-7097 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7096 (An issue was discovered in certain Apple products. iOS before 11 is ...)
 	- webkit2gtk 2.18.1-1 (unimportant)
 	NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
@@ -25576,43 +25579,43 @@
 	NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
 	NOTE: Not covered by security support
 CVE-2017-7088 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7087 (An issue was discovered in certain Apple products. iOS before 11 is ...)
 	- webkit2gtk 2.18.1-1 (unimportant)
 	NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
 	NOTE: Not covered by security support
 CVE-2017-7086 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7085 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7084 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7083 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7082 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7081 (An issue was discovered in certain Apple products. iOS before 11 is ...)
 	- webkit2gtk 2.18.1-1 (unimportant)
 	NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
 	NOTE: Not covered by security support
 CVE-2017-7080 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7079 (An issue was discovered in certain Apple products. iTunes before 12.7 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7078 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7077 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7076 (An issue was discovered in certain Apple products. Xcode before 9 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7075
 	RESERVED
 CVE-2017-7074 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7073
 	RESERVED
 CVE-2017-7072 (An issue was discovered in certain Apple products. iOS before 11 is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-7071
 	RESERVED
 CVE-2017-7070

More information about the Secure-testing-commits mailing list