Author: jmm Date: 2017-01-14 16:05:49 +0000 (Sat, 14 Jan 2017) New Revision: 48050
Modified: data/CVE/list Log: mark apple libxml issue as NFU Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-14 15:56:58 UTC (rev 48049) +++ data/CVE/list 2017-01-14 16:05:49 UTC (rev 48050) @@ -38283,9 +38283,9 @@ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759671 TODO: vtk6, paraview, opencollada, xdmf, gettext appear to include the affected code CVE-2016-1761 (libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS ...) - - libxml2 <undetermined> - TODO: check, no public details available, probably Apple specific - NOTE: ubuntu marked as not-affected: https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1761.html + NOT-FOR-US: No public details available, probably Apple specific libxml2 changes + NOTE: Marking as NFU since a regular libxml2 security issue would have trickled down + NOTE: via libxml upstream CVE-2016-1760 (The XPC Services API in LaunchServices in Apple iOS before 9.3 allows ...) TODO: check CVE-2016-1759 (The kernel in Apple OS X before 10.11.4 allows attackers to execute ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits