[Secure-testing-commits] r56159 - data/CVE

Tue, 26 Sep 2017 10:42:03 -0700 

Author: jmm
Date: 2017-09-26 17:41:29 +0000 (Tue, 26 Sep 2017)
New Revision: 56159

Modified:
   data/CVE/list
Log:
libarchive no-dsa
mark three apple-reported issues as NFU


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-26 17:19:00 UTC (rev 56158)
+++ data/CVE/list       2017-09-26 17:41:29 UTC (rev 56159)
@@ -640,6 +640,8 @@
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=573
 CVE-2017-14501 (An out-of-bounds read flaw exists in parse_file_info in ...)
        - libarchive <unfixed> (bug #875966)
+       [stretch] - libarchive <no-dsa> (Minor issue)
+       [jessie] - libarchive <no-dsa> (Minor issue)
        NOTE: https://github.com/libarchive/libarchive/issues/949
 CVE-2017-14500 (Improper Neutralization of Special Elements used in an OS 
Command in ...)
        {DSA-3977-1 DLA-1104-1}
@@ -22379,7 +22381,8 @@
 CVE-2017-7069 (An issue was discovered in certain Apple products. iOS before 
10.3.3 ...)
        NOT-FOR-US: Apple
 CVE-2017-7068 (An issue was discovered in certain Apple products. iOS before 
10.3.3 ...)
-       - libarchive <undetermined>
+       NOT-FOR-US: Apple / libarchive
+       NOTE: Possibly Apple-specific, but noone really knows and Apple doesn't 
cooperate
 CVE-2017-7067 (An issue was discovered in certain Apple products. macOS before 
...)
        NOT-FOR-US: Apple
 CVE-2017-7066
@@ -36425,7 +36428,8 @@
 CVE-2017-2391 (An issue was discovered in certain Apple products. Pages before 
6.1, ...)
        NOT-FOR-US: Apple
 CVE-2017-2390 (An issue was discovered in certain Apple products. iOS before 
10.3 is ...)
-       - libarchive <undetermined>
+       NOT-FOR-US: Apple / libarchive
+       NOTE: Possibly Apple-specific, but noone really knows and Apple doesn't 
cooperate
 CVE-2017-2389 (An issue was discovered in certain Apple products. iOS before 
10.3 is ...)
        NOT-FOR-US: Apple
 CVE-2017-2388 (An issue was discovered in certain Apple products. macOS before 
...)
@@ -58095,7 +58099,8 @@
 CVE-2016-4737 (WebKit in Apple iOS before 10, Safari before 10, tvOS before 
10, and ...)
        NOT-FOR-US: Webkit as used by Apple
 CVE-2016-4736 (libarchive in Apple OS X before 10.12 allows remote attackers 
to cause ...)
-       - libarchive <undetermined>
+       NOT-FOR-US: Apple / libarchive
+       NOTE: Possibly Apple-specific, but noone really knows and Apple doesn't 
cooperate
 CVE-2016-4735 (WebKit in Apple iOS before 10, Safari before 10, and tvOS 
before 10 ...)
        NOT-FOR-US: Webkit as used by Apple
 CVE-2016-4734 (WebKit in Apple iOS before 10, Safari before 10, and tvOS 
before 10 ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to