[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Oct 30 09:56:59 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f880bcb4 by Salvatore Bonaccorso at 2021-10-30T10:56:35+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30366,45 +30366,45 @@ CVE-2021-30921
 CVE-2021-30920 (A permissions issue was addressed with improved validation. This issue ...)
 	NOT-FOR-US: Apple
 CVE-2021-30919 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30918 (A Lock Screen issue was addressed with improved state management. This ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30917 (A memory corruption issue existed in the processing of ICC profiles. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30916 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30915 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30914 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30913 (The issue was addressed with improved permissions logic. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30912 (The issue was addressed with improved permissions logic. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30911 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30910 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30909 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30908 (An authentication issue was addressed with improved state management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30907 (An integer overflow was addressed through improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30906 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30905 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30904
 	REJECTED
 CVE-2021-30903 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30902 (A use after free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30901 (Multiple out-of-bounds write issues were addressed with improved bound ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30900 (An out-of-bounds write issue was addressed with improved bounds checki ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30899 (A race condition was addressed with improved state handling. This issu ...)
 	TODO: check
 CVE-2021-30898
@@ -30412,81 +30412,81 @@ CVE-2021-30898
 CVE-2021-30897
 	REJECTED
 CVE-2021-30896 (A logic issue was addressed with improved restrictions. This issue is  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30895 (A logic issue was addressed with improved restrictions. This issue is  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30894 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30893
 	REJECTED
 CVE-2021-30892 (An inherited permissions issue was addressed with additional restricti ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30891
 	REJECTED
 CVE-2021-30890 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30889 (A buffer overflow issue was addressed with improved memory handling. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30888 (An information leakage issue was addressed. This issue is fixed in iOS ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30887 (A logic issue was addressed with improved restrictions. This issue is  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30886 (A use after free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30885
 	REJECTED
 CVE-2021-30884 (The issue was resolved with additional restrictions on CSS compositing ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30883 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30882 (A logic issue was addressed with improved validation. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30881 (An input validation issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30880 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30879 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30878
 	REJECTED
 CVE-2021-30877 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30876 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30875 (A lock screen issue allowed access to contacts on a locked device. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30874 (An authorization issue was addressed with improved state management. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30873 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30872
 	REJECTED
 CVE-2021-30871 (This issue was addressed with a new entitlement. This issue is fixed i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30870 (A logic issue existed in the handling of document loads. This issue wa ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30869 (A type confusion issue was addressed with improved state handling. Thi ...)
 	NOT-FOR-US: Apple
 CVE-2021-30868 (A race condition was addressed with improved locking. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30867 (The issue was addressed with improved authentication. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30866 (A user privacy issue was addressed by removing the broadcast MAC addre ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30865 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30864 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30863 (This issue was addressed by improving Face ID anti-spoofing models. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30862 (A validation issue was addressed with improved input sanitization. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30861 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30860 (An integer overflow was addressed with improved input validation. This ...)
 	NOT-FOR-US: Apple
 CVE-2021-30859 (A type confusion issue was addressed with improved state handling. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30858 (A use after free issue was addressed with improved memory management.  ...)
 	{DSA-4976-1 DSA-4975-1}
 	- webkit2gtk 2.32.4-1
@@ -30494,17 +30494,17 @@ CVE-2021-30858 (A use after free issue was addressed with improved memory manage
 	- wpewebkit 2.32.4-1
 	NOTE: https://webkitgtk.org/security/WSA-2021-0005.html
 CVE-2021-30857 (A race condition was addressed with improved locking. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30856
 	REJECTED
 CVE-2021-30855 (A validation issue existed in the handling of symlinks. This issue was ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30854 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30853 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30852 (A type confusion issue was addressed with improved memory handling. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30851 (A memory corruption vulnerability was addressed with improved locking. ...)
 	{DSA-4996-1 DSA-4995-1}
 	- webkit2gtk 2.34.0-1
@@ -30546,7 +30546,7 @@ CVE-2021-30842 (This issue was addressed with improved checks. This issue is fix
 CVE-2021-30841 (This issue was addressed with improved checks. This issue is fixed in  ...)
 	NOT-FOR-US: Apple
 CVE-2021-30840 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30839
 	RESERVED
 CVE-2021-30838 (A memory corruption issue was addressed with improved memory handling. ...)
@@ -30554,17 +30554,17 @@ CVE-2021-30838 (A memory corruption issue was addressed with improved memory han
 CVE-2021-30837 (A memory consumption issue was addressed with improved memory handling ...)
 	NOT-FOR-US: Apple
 CVE-2021-30836 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30835 (This issue was addressed with improved checks. This issue is fixed in  ...)
 	NOT-FOR-US: Apple
 CVE-2021-30834 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30833 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30832 (A memory corruption issue was addressed with improved state management ...)
 	NOT-FOR-US: Apple
 CVE-2021-30831 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30830 (A memory corruption issue was addressed with improved memory handling. ...)
 	NOT-FOR-US: Apple
 CVE-2021-30829 (A URI parsing issue was addressed with improved parsing. This issue is ...)
@@ -30578,29 +30578,29 @@ CVE-2021-30826 (A logic issue was addressed with improved state management. This
 CVE-2021-30825 (This issue was addressed with improved checks. This issue is fixed in  ...)
 	NOT-FOR-US: Apple
 CVE-2021-30824 (A memory corruption issue was addressed with improved state management ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30823 (A logic issue was addressed with improved restrictions. This issue is  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30822
 	RESERVED
 CVE-2021-30821 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30820 (A logic issue was addressed with improved state management. This issue ...)
 	NOT-FOR-US: Apple
 CVE-2021-30819 (An out-of-bounds read was addressed with improved input validation. Th ...)
 	NOT-FOR-US: Apple
 CVE-2021-30818 (A type confusion issue was addressed with improved state handling. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30817 (A permissions issue was addressed with improved validation. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30816 (The issue was addressed with improved permissions logic. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30815 (A lock screen issue allowed access to contacts on a locked device. Thi ...)
 	NOT-FOR-US: Apple
 CVE-2021-30814 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30813 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30812
 	RESERVED
 CVE-2021-30811 (This issue was addressed with improved checks. This issue is fixed in  ...)
@@ -30608,9 +30608,9 @@ CVE-2021-30811 (This issue was addressed with improved checks. This issue is fix
 CVE-2021-30810 (An authorization issue was addressed with improved state management. T ...)
 	NOT-FOR-US: Apple
 CVE-2021-30809 (A use after free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30808 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30807 (A memory corruption issue was addressed with improved memory handling. ...)
 	NOT-FOR-US: Apple
 CVE-2021-30806
@@ -37317,7 +37317,7 @@ CVE-2021-28218
 CVE-2021-28217
 	RESERVED
 CVE-2021-3441 (A potential security vulnerability has been identified for the HP Offi ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2021-3440
 	RESERVED
 CVE-2021-3439



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f880bcb40eb0db6cc65c6873094b6741a7274734

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f880bcb40eb0db6cc65c6873094b6741a7274734
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211030/fa902b4e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list