Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7a8cf161 by Moritz Muehlenhoff at 2018-02-20T10:52:37+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -30609,25 +30609,25 @@ CVE-2017-13171 (An elevation of privilege
vulnerability in the MediaTek performa
CVE-2017-13170 (An elevation of privilege vulnerability in the MediaTek
display ...)
NOT-FOR-US: MediaTek driver for Android
CVE-2017-13169 (An information disclosure vulnerability in the kernel camera
server. ...)
- TODO: check
+ NOT-FOR-US: Android kernel components (no source release, so apparently
not present in mainline)
CVE-2017-13168 (An elevation of privilege vulnerability in the kernel scsi
driver. ...)
- TODO: check
+ NOT-FOR-US: Android kernel components (no source release, so apparently
not present in mainline)
CVE-2017-13167 (An elevation of privilege vulnerability in the kernel sound
timer. ...)
- TODO: check
+ NOT-FOR-US: Android kernel components (no source release, so apparently
not present in mainline)
CVE-2017-13166 (An elevation of privilege vulnerability in the kernel v4l2
video ...)
- linux 4.15.4-1
NOTE:
https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13166.html
NOTE:
https://git.kernel.org/linus/a1dfb4c48cc1e64eeb7800a27c66a6f7e88d075a
CVE-2017-13165 (An elevation of privilege vulnerability in the kernel file
system. ...)
- TODO: check
+ NOT-FOR-US: Android kernel components (no source release, so apparently
not present in mainline)
CVE-2017-13164 (An information disclosure vulnerability in the kernel binder
driver. ...)
- TODO: check
+ NOT-FOR-US: Android kernel components (no source release, so apparently
not present in mainline)
CVE-2017-13163 (An elevation of privilege vulnerability in the kernel mtp usb
driver. ...)
- TODO: check
+ NOT-FOR-US: Android kernel components (no source release, so apparently
not present in mainline)
CVE-2017-13162 (An elevation of privilege vulnerability in the kernel binder.
Product: ...)
TODO: check
CVE-2017-13161 (An elevation of privilege vulnerability in the Broadcom
wireless ...)
- TODO: check
+ NOT-FOR-US: Broadcom components for Android
CVE-2017-13160 (A remote code execution vulnerability in the Android system
...)
TODO: check
CVE-2017-13159 (An information disclosure vulnerability in the Android system
...)
@@ -30641,17 +30641,17 @@ CVE-2017-13156 (An elevation of privilege
vulnerability in the Android system (a
CVE-2017-13155
RESERVED
CVE-2017-13154 (An elevation of privilege vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android Media Framework
CVE-2017-13153 (An elevation of privilege vulnerability in the Android media
framework ...)
TODO: check
CVE-2017-13152 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android Media Framework
CVE-2017-13151 (A remote code execution vulnerability in the Android media
framework ...)
TODO: check
CVE-2017-13150 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android Media Framework
CVE-2017-13149 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android Media Framework
CVE-2017-13148 (A denial of service vulnerability in the Android media
framework ...)
TODO: check
CVE-2017-13147 (In GraphicsMagick 1.3.26, an allocation failure vulnerability
was found ...)
@@ -33019,37 +33019,37 @@ CVE-2017-12563 (In ImageMagick 7.0.6-2, a memory
exhaustion vulnerability was fo
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/82b53bd74df1489332e4043035a51b43f54d43f1
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/7d3af83d8b946f952bfd028451e6dfb1f7ace07a
CVE-2017-12561 (A remote code execution vulnerability in HPE intelligent
Management ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-12560 (A Remote Denial of Service vulnerability in HPE Intelligent
Management ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-12559 (A Remote Denial of Service vulnerability in HPE Intelligent
Management ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-12558 (A Remote Code Execution vulnerability in HPE intelligent
Management ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-12557 (A Remote Code Execution vulnerability in HPE intelligent
Management ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-12556 (A Remote Code Execution vulnerability in HPE intelligent
Management ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-12555 (A remote arbitrary file download and disclosure of information
...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-12554 (A remote code execution vulnerability in HPE intelligent
Management ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-12553 (A local authentication bypass vulnerability in HPE System
Management ...)
- TODO: check
+ NOT-FOR-US: HPE System Management Homepage
CVE-2017-12552 (A local arbitrary execution of commands vulnerability in HPE
System ...)
- TODO: check
+ NOT-FOR-US: HPE System Management Homepage
CVE-2017-12551 (A local arbitrary execution of commands vulnerability in HPE
System ...)
- TODO: check
+ NOT-FOR-US: HPE System Management Homepage
CVE-2017-12550 (A local security misconfiguration vulnerability in HPE System
...)
- TODO: check
+ NOT-FOR-US: HPE System Management Homepage
CVE-2017-12549 (A local authentication bypass vulnerability in HPE System
Management ...)
- TODO: check
+ NOT-FOR-US: HPE System Management Homepage
CVE-2017-12548 (A local arbitrary command execution vulnerability in HPE
System ...)
- TODO: check
+ NOT-FOR-US: HPE System Management Homepage
CVE-2017-12547 (A local arbitrary command execution vulnerability in HPE
System ...)
- TODO: check
+ NOT-FOR-US: HPE System Management Homepage
CVE-2017-12546 (A local buffer overflow vulnerability in HPE System Management
...)
- TODO: check
+ NOT-FOR-US: HPE System Management Homepage
CVE-2017-12545 (A remote denial of service vulnerability in HPE System
Management ...)
TODO: check
CVE-2017-12544 (A cross-site scripting vulnerability in HPE System Management
Homepage ...)
@@ -52374,6 +52374,7 @@ CVE-2017-6281
RESERVED
CVE-2017-6280
RESERVED
+ NOT-FOR-US: Nvidia component for Android
CVE-2017-6279 (NVIDIA libnvmmlite_audio.so contains an elevation of privilege
...)
NOT-FOR-US: Nvidia component for Android
CVE-2017-6278
@@ -67506,7 +67507,7 @@ CVE-2016-9686 (The Puppet Communications Protocol (PCP)
Broker incorrectly valid
CVE-2017-0880 (A denial of service vulnerability in the Android media
framework ...)
- skia <itp> (bug #818180)
CVE-2017-0879 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android Media Framework
CVE-2017-0878 (A remote code execution vulnerability in the Android media
framework ...)
TODO: check
CVE-2017-0877 (A remote code execution vulnerability in the Android media
framework ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a8cf161617bf0f7c9097b572369f7dfa66929c4
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a8cf161617bf0f7c9097b572369f7dfa66929c4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
