Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7a8cf161 by Moritz Muehlenhoff at 2018-02-20T10:52:37+01:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -30609,25 +30609,25 @@ CVE-2017-13171 (An elevation of privilege vulnerability in the MediaTek performa CVE-2017-13170 (An elevation of privilege vulnerability in the MediaTek display ...) NOT-FOR-US: MediaTek driver for Android CVE-2017-13169 (An information disclosure vulnerability in the kernel camera server. ...) - TODO: check + NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline) CVE-2017-13168 (An elevation of privilege vulnerability in the kernel scsi driver. ...) - TODO: check + NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline) CVE-2017-13167 (An elevation of privilege vulnerability in the kernel sound timer. ...) - TODO: check + NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline) CVE-2017-13166 (An elevation of privilege vulnerability in the kernel v4l2 video ...) - linux 4.15.4-1 NOTE: https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13166.html NOTE: https://git.kernel.org/linus/a1dfb4c48cc1e64eeb7800a27c66a6f7e88d075a CVE-2017-13165 (An elevation of privilege vulnerability in the kernel file system. ...) - TODO: check + NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline) CVE-2017-13164 (An information disclosure vulnerability in the kernel binder driver. ...) - TODO: check + NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline) CVE-2017-13163 (An elevation of privilege vulnerability in the kernel mtp usb driver. ...) - TODO: check + NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline) CVE-2017-13162 (An elevation of privilege vulnerability in the kernel binder. Product: ...) TODO: check CVE-2017-13161 (An elevation of privilege vulnerability in the Broadcom wireless ...) - TODO: check + NOT-FOR-US: Broadcom components for Android CVE-2017-13160 (A remote code execution vulnerability in the Android system ...) TODO: check CVE-2017-13159 (An information disclosure vulnerability in the Android system ...) @@ -30641,17 +30641,17 @@ CVE-2017-13156 (An elevation of privilege vulnerability in the Android system (a CVE-2017-13155 RESERVED CVE-2017-13154 (An elevation of privilege vulnerability in the Android media framework ...) - TODO: check + NOT-FOR-US: Android Media Framework CVE-2017-13153 (An elevation of privilege vulnerability in the Android media framework ...) TODO: check CVE-2017-13152 (An information disclosure vulnerability in the Android media framework ...) - TODO: check + NOT-FOR-US: Android Media Framework CVE-2017-13151 (A remote code execution vulnerability in the Android media framework ...) TODO: check CVE-2017-13150 (An information disclosure vulnerability in the Android media framework ...) - TODO: check + NOT-FOR-US: Android Media Framework CVE-2017-13149 (An information disclosure vulnerability in the Android media framework ...) - TODO: check + NOT-FOR-US: Android Media Framework CVE-2017-13148 (A denial of service vulnerability in the Android media framework ...) TODO: check CVE-2017-13147 (In GraphicsMagick 1.3.26, an allocation failure vulnerability was found ...) @@ -33019,37 +33019,37 @@ CVE-2017-12563 (In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was fo NOTE: https://github.com/ImageMagick/ImageMagick/commit/82b53bd74df1489332e4043035a51b43f54d43f1 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7d3af83d8b946f952bfd028451e6dfb1f7ace07a CVE-2017-12561 (A remote code execution vulnerability in HPE intelligent Management ...) - TODO: check + NOT-FOR-US: HPE Intelligent Management Center CVE-2017-12560 (A Remote Denial of Service vulnerability in HPE Intelligent Management ...) - TODO: check + NOT-FOR-US: HPE Intelligent Management Center CVE-2017-12559 (A Remote Denial of Service vulnerability in HPE Intelligent Management ...) - TODO: check + NOT-FOR-US: HPE Intelligent Management Center CVE-2017-12558 (A Remote Code Execution vulnerability in HPE intelligent Management ...) - TODO: check + NOT-FOR-US: HPE Intelligent Management Center CVE-2017-12557 (A Remote Code Execution vulnerability in HPE intelligent Management ...) - TODO: check + NOT-FOR-US: HPE Intelligent Management Center CVE-2017-12556 (A Remote Code Execution vulnerability in HPE intelligent Management ...) - TODO: check + NOT-FOR-US: HPE Intelligent Management Center CVE-2017-12555 (A remote arbitrary file download and disclosure of information ...) - TODO: check + NOT-FOR-US: HPE Intelligent Management Center CVE-2017-12554 (A remote code execution vulnerability in HPE intelligent Management ...) - TODO: check + NOT-FOR-US: HPE Intelligent Management Center CVE-2017-12553 (A local authentication bypass vulnerability in HPE System Management ...) - TODO: check + NOT-FOR-US: HPE System Management Homepage CVE-2017-12552 (A local arbitrary execution of commands vulnerability in HPE System ...) - TODO: check + NOT-FOR-US: HPE System Management Homepage CVE-2017-12551 (A local arbitrary execution of commands vulnerability in HPE System ...) - TODO: check + NOT-FOR-US: HPE System Management Homepage CVE-2017-12550 (A local security misconfiguration vulnerability in HPE System ...) - TODO: check + NOT-FOR-US: HPE System Management Homepage CVE-2017-12549 (A local authentication bypass vulnerability in HPE System Management ...) - TODO: check + NOT-FOR-US: HPE System Management Homepage CVE-2017-12548 (A local arbitrary command execution vulnerability in HPE System ...) - TODO: check + NOT-FOR-US: HPE System Management Homepage CVE-2017-12547 (A local arbitrary command execution vulnerability in HPE System ...) - TODO: check + NOT-FOR-US: HPE System Management Homepage CVE-2017-12546 (A local buffer overflow vulnerability in HPE System Management ...) - TODO: check + NOT-FOR-US: HPE System Management Homepage CVE-2017-12545 (A remote denial of service vulnerability in HPE System Management ...) TODO: check CVE-2017-12544 (A cross-site scripting vulnerability in HPE System Management Homepage ...) @@ -52374,6 +52374,7 @@ CVE-2017-6281 RESERVED CVE-2017-6280 RESERVED + NOT-FOR-US: Nvidia component for Android CVE-2017-6279 (NVIDIA libnvmmlite_audio.so contains an elevation of privilege ...) NOT-FOR-US: Nvidia component for Android CVE-2017-6278 @@ -67506,7 +67507,7 @@ CVE-2016-9686 (The Puppet Communications Protocol (PCP) Broker incorrectly valid CVE-2017-0880 (A denial of service vulnerability in the Android media framework ...) - skia <itp> (bug #818180) CVE-2017-0879 (An information disclosure vulnerability in the Android media framework ...) - TODO: check + NOT-FOR-US: Android Media Framework CVE-2017-0878 (A remote code execution vulnerability in the Android media framework ...) TODO: check CVE-2017-0877 (A remote code execution vulnerability in the Android media framework ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a8cf161617bf0f7c9097b572369f7dfa66929c4 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a8cf161617bf0f7c9097b572369f7dfa66929c4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits