Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4e8fdff8 by Moritz Muehlenhoff at 2018-02-20T11:35:37+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -22996,18 +22996,18 @@ CVE-2017-15852
CVE-2017-15851
RESERVED
CVE-2017-15850 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-15849 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
TODO: check
CVE-2017-15848 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-15847 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-15846
RESERVED
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15845 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-15844
RESERVED
CVE-2017-15843
@@ -25951,7 +25951,7 @@ CVE-2017-14881
CVE-2017-14880
RESERVED
CVE-2017-14879 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-14878
RESERVED
CVE-2017-14877
@@ -25966,15 +25966,15 @@ CVE-2017-14875
CVE-2017-14874
RESERVED
CVE-2017-14873 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-14872
RESERVED
CVE-2017-14871
RESERVED
CVE-2017-14870 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-14869 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-14868 (Restlet Framework before 2.3.11, when using SimpleXMLProvider,
allows ...)
- restlet <itp> (bug #596472)
CVE-2017-14866 (There is a heap-based buffer overflow in the Exiv2::s2Data
function of ...)
@@ -30485,25 +30485,21 @@ CVE-2017-13228 (In function ih264d_ref_idx_reordering
of libavc, there is an ...
CVE-2017-13227
RESERVED
CVE-2017-13226 (An elevation of privilege vulnerability in the MediaTek mtk.
Product: ...)
- TODO: check
+ NOT-FOR-US: Mediatek components for Android
CVE-2017-13225 (In libMtkOmxVdec.so there is a possible heap buffer overflow.
This ...)
- TODO: check
+ NOT-FOR-US: Mediatek components for Android
CVE-2017-13224
RESERVED
CVE-2017-13223
RESERVED
CVE-2017-13222 (An information disclosure vulnerability in the Upstream kernel
kernel. ...)
- - linux <undetermined>
- NOTE: No details/release available other than the description of
'upstream kernel'
+ NOT-FOR-US: Android kernel component (no source release, no apparently
not affecting mainline)
CVE-2017-13221 (An elevation of privilege vulnerability in the Upstream kernel
wifi ...)
- - linux <undetermined>
- NOTE: No details/release available other than the description of
'upstream kernel wifi driver'
+ NOT-FOR-US: Android kernel component (no source release, no apparently
not affecting mainline)
CVE-2017-13220 (An elevation of privilege vulnerability in the Upstream kernel
bluez. ...)
- - linux <undetermined>
- - bluez <undetermined>
- NOTE: No details/release available other than the description of
'upstream kernel bluez'
+ NOT-FOR-US: Android kernel component (no source release, no apparently
not affecting mainline)
CVE-2017-13219 (A denial of service vulnerability in the Upstream kernel
synaptics ...)
- TODO: check
+ NOT-FOR-US: Android kernel component (no source release, no apparently
not affecting mainline)
CVE-2017-13218 (Access to CNTVCT_EL0 could be used for side channel attacks.
This ...)
TODO: check
CVE-2017-13217 (In DisplayFtmItem in the bootloader, there is an out-of-bounds
write ...)
@@ -30519,9 +30515,9 @@ CVE-2017-13215 (A elevation of privilege vulnerability
in the Upstream kernel ..
CVE-2017-13214 (In the hardware HEVC decoder, some media files could cause a
page ...)
TODO: check
CVE-2017-13213 (An elevation of privilege vulnerability in the Broadcom bcmdhd
driver. ...)
- TODO: check
+ NOT-FOR-US: Broadcom component for Android
CVE-2017-13212 (An elevation of privilege vulnerability in the Android system
...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-13211 (In bta_scan_results_cb_impl of btif_ble_scanner.cc, there is
possible ...)
TODO: check
CVE-2017-13210 (In CameraDeviceClient::submitRequestList of
CameraDeviceClient.cpp, ...)
@@ -30531,25 +30527,25 @@ CVE-2017-13209 (In the ServiceManager::add function
in the hardware service mana
CVE-2017-13208 (In receive_packet of libnetutils/packet.c, there is a possible
...)
TODO: check
CVE-2017-13207 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13206 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13205 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13204 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13203 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13202 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13201 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13200 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13199 (In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory
exception ...)
TODO: check
CVE-2017-13198 (A vulnerability in the Android media framework (ex) related to
...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13197 (In the ihevcd_parse_slice.c function, slave threads are not
joined if ...)
TODO: check
CVE-2017-13196 (In several places in ihevcd_decode.c, a dead loop could occur
due to ...)
@@ -30567,17 +30563,17 @@ CVE-2017-13192 (In the ihevcd_parse_slice_header
function of ...)
CVE-2017-13191 (In the ihevcd_decode function of ihevcd_decode.c, there is an
infinite ...)
TODO: check
CVE-2017-13190 (A vulnerability in the Android media framework (libhevc)
related to ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13189 (A vulnerability in the Android media framework (libavc)
related to ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13188 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13187 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13186 (A vulnerability in the Android media framework (libavc)
related to ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13185 (An information disclosure vulnerability in the Android media
framework ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2017-13184 (In the enableVSyncInjections function of SurfaceFlinger, there
is a ...)
TODO: check
CVE-2017-13183 (In the OMXNodeInstance::useBuffer and IOMX::freeBuffer
functions, ...)
@@ -37366,11 +37362,11 @@ CVE-2017-11083
CVE-2017-11082
RESERVED
CVE-2017-11081 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-11080 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-11079 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-11078
RESERVED
CVE-2017-11077
@@ -37384,7 +37380,7 @@ CVE-2017-11074
CVE-2017-11073 (In android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11072 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: HTC component for Android
CVE-2017-11071
RESERVED
CVE-2017-11070
@@ -37396,7 +37392,7 @@ CVE-2017-11068
CVE-2017-11067 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11066 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-11065
RESERVED
CVE-2017-11064 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
@@ -37522,7 +37518,7 @@ CVE-2017-11005 (In Android for MSM, Firefox OS for MSM,
QRD Android, with all An
CVE-2017-11004
RESERVED
CVE-2017-11003 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-11002 (In all Qualcomm products with Android releases from CAF using
the ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-11001 (In all Qualcomm products with Android releases from CAF using
the ...)
@@ -41194,7 +41190,7 @@ CVE-2017-9714 (In Android for MSM, Firefox OS for MSM,
QRD Android, with all And
CVE-2017-9713
RESERVED
CVE-2017-9712 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-9711
RESERVED
CVE-2017-9710 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
@@ -41208,7 +41204,7 @@ CVE-2017-9707
CVE-2017-9706 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9705 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-9704
RESERVED
CVE-2017-9703 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
@@ -41244,7 +41240,7 @@ CVE-2017-9691
CVE-2017-9690 (In android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9689 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-9688
RESERVED
CVE-2017-9687 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
@@ -67578,7 +67574,7 @@ CVE-2017-0848 (An information disclosure vulnerability
in the Android media fram
CVE-2017-0847 (An elevation of privilege vulnerability in the Android media
framework ...)
NOT-FOR-US: Android media framework
CVE-2017-0846 (An information disclosure vulnerability in the Android
framework ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-0845 (A denial of service vulnerability in the Android framework ...)
TODO: check
CVE-2017-0844
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4e8fdff8bcdd7951bc6816639b4b08d1ab529262
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4e8fdff8bcdd7951bc6816639b4b08d1ab529262
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
