Author: jmm
Date: 2017-10-23 15:51:23 +0000 (Mon, 23 Oct 2017)
New Revision: 56926
Modified:
data/CVE/list
Log:
NFUs
glassfish n/a
one more openjdk issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-23 13:17:53 UTC (rev 56925)
+++ data/CVE/list 2017-10-23 15:51:23 UTC (rev 56926)
@@ -10085,7 +10085,7 @@
NOTE:
https://git.kernel.org/linus/9e3f7a29694049edd728e2400ab57ad7553e5aa9 (4.9-rc6)
CVE-2017-12167
RESERVED
- TODO: check, possibly Red Hat specific issue
+ NOT-FOR-US: Red Hat JBoss EAP
CVE-2017-12166 (OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are
vulnerable to ...)
- openvpn <unfixed> (bug #877089)
[stretch] - openvpn <no-dsa> (Minor issue)
@@ -15602,7 +15602,7 @@
CVE-2017-10401 (Vulnerability in the Oracle Hospitality Cruise Materials
Management ...)
NOT-FOR-US: Oracle
CVE-2017-10400 (Vulnerability in the Oracle GlassFish Server component of
Oracle ...)
- TODO: check
+ - glassfish <not-affected> (Vulnerable code not included, see bug
#853998)
CVE-2017-10399 (Vulnerability in the Oracle Hospitality Cruise Fleet
Management ...)
NOT-FOR-US: Oracle
CVE-2017-10398 (Vulnerability in the Oracle Hospitality Cruise Fleet
Management ...)
@@ -15616,13 +15616,13 @@
CVE-2017-10394 (Vulnerability in the PeopleSoft Enterprise PeopleTools
component of ...)
NOT-FOR-US: Oracle
CVE-2017-10393 (Vulnerability in the Oracle GlassFish Server component of
Oracle ...)
- TODO: check
+ - glassfish <not-affected> (Vulnerable code not included, see bug
#853998)
CVE-2017-10392 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox 5.1.30-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
CVE-2017-10391 (Vulnerability in the Oracle GlassFish Server component of
Oracle ...)
- TODO: check
+ - glassfish <not-affected> (Vulnerable code not included, see bug
#853998)
CVE-2017-10390
RESERVED
CVE-2017-10389 (Vulnerability in the Oracle Hospitality Suite8 component of
Oracle ...)
@@ -15638,7 +15638,7 @@
CVE-2017-10386 (Vulnerability in the Java Advanced Management Console
component of ...)
NOT-FOR-US: Java Advanced Management Console
CVE-2017-10385 (Vulnerability in the Oracle GlassFish Server component of
Oracle ...)
- TODO: check
+ - glassfish <not-affected> (Vulnerable code not included, see bug
#853998)
CVE-2017-10384 (Vulnerability in the MySQL Server component of Oracle MySQL
...)
{DSA-4002-1 DLA-1141-1}
- mysql-5.7 <unfixed> (bug #878398)
@@ -15884,7 +15884,10 @@
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
CVE-2017-10293 (Vulnerability in the Java SE component of Oracle Java SE ...)
- TODO: probably specific to Oracle Java
+ - openjdk-8 <unfixed>
+ - openjdk-7 <removed>
+ - openjdk-6 <removed>
+ [wheezy] - openjdk-6 <end-of-life>
CVE-2017-10292 (Vulnerability in the RDBMS Security component of Oracle
Database ...)
NOT-FOR-US: Oracle
CVE-2017-10291
@@ -25502,27 +25505,27 @@
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
CVE-2017-7110 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7109 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
CVE-2017-7108 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7107 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
CVE-2017-7106 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7105 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7104 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
CVE-2017-7103 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7102 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
@@ -25542,7 +25545,7 @@
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
CVE-2017-7097 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7096 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
@@ -25576,43 +25579,43 @@
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
CVE-2017-7088 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7087 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
CVE-2017-7086 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7085 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7084 (An issue was discovered in certain Apple products. macOS before
10.13 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7083 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7082 (An issue was discovered in certain Apple products. macOS before
10.13 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7081 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
CVE-2017-7080 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7079 (An issue was discovered in certain Apple products. iTunes
before 12.7 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7078 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7077 (An issue was discovered in certain Apple products. macOS before
10.13 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7076 (An issue was discovered in certain Apple products. Xcode before
9 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7075
RESERVED
CVE-2017-7074 (An issue was discovered in certain Apple products. macOS before
10.13 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7073
RESERVED
CVE-2017-7072 (An issue was discovered in certain Apple products. iOS before
11 is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7071
RESERVED
CVE-2017-7070
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
