[Git][security-tracker-team/security-tracker][master] Expand note for one undetermined older issue

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a3c72919 by Salvatore Bonaccorso at 2019-07-14T11:43:04Z
Expand note for one undetermined older issue

All those are still very unclear, but apparently Nick Wellnhofer did
provide commits for the other related CVEs. For CVE-2016-4607 there is
no reference at all.

It is possible that all CVEs related to CVE-2016-4607 and following were
fixed upstream in the 1.1.29 release.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -157916,7 +157916,9 @@ CVE-2016-4608 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes be
 	NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/5d0c6565bab5b9b7efceb33b626916d22b4101a7 (v1.1.29-rc1)
 CVE-2016-4607 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before  ...)
 	- libxslt <undetermined>
-	NOTE: contacted Apple for more information, but no reply for quite a while
+	NOTE: contacted Apple for more information, but no reply for quite a while.
+	NOTE: Apple still does not provide information on this CVE, although it is
+	NOTE: possible that it's fixed in 1.1.29 upstream.
 CVE-2016-4606
 	RESERVED
 CVE-2016-4605 (Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3c729191cf70136dfdad3c1c025d5aa0f2db038

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3c729191cf70136dfdad3c1c025d5aa0f2db038
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190714/5656d59d/attachment.html>