[Secure-testing-commits] r20466 - data/CVE

Federico Ceratto federico-guest at alioth.debian.org
Thu Nov 8 20:51:32 UTC 2012


Author: federico-guest
Date: 2012-11-08 20:51:32 +0000 (Thu, 08 Nov 2012)
New Revision: 20466

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-11-08 13:38:04 UTC (rev 20465)
+++ data/CVE/list	2012-11-08 20:51:32 UTC (rev 20466)
@@ -45,21 +45,21 @@
 CVE-2012-5826
 	RESERVED
 CVE-2011-5243 (TwitterOAuth does not verify that the server hostname matches a domain ...)
-	TODO: check
+	NOT-FOR-US: TwitterOAuth
 CVE-2011-5242 (tmhOAuth before 0.61 does not verify that the server hostname matches ...)
-	TODO: check
+	NOT-FOR-US: tmhOAuth
 CVE-2011-5241 (Services_Twitter 0.6.3 does not verify that the server hostname ...)
 	NOT-FOR-US: PEAR module for Twitter
 CVE-2011-5240 (Magento 1.5 and 1.6.2 does not verify that the server hostname matches ...)
-	TODO: check
+	NOT-FOR-US: Magento
 CVE-2011-5239 (CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname ...)
 	TODO: check
 CVE-2011-5238 (google-checkout-php-sample-code before 1.3.2 does not verify that the ...)
-	TODO: check
+	NOT-FOR-US: google-checkout-php-sample-code
 CVE-2011-5237 (PayPal WPS ToolKit does not verify that the server hostname matches a ...)
-	TODO: check
+	NOT-FOR-US: PayPal WPS ToolKit
 CVE-2011-5236 (Moneris eSelectPlus 2.03 PHP API does not verify that the server ...)
-	TODO: check
+	NOT-FOR-US: Moneris eSelectPlus 2.03 PHP API
 CVE-2012-5825 (Tweepy does not verify that the server hostname matches a domain name ...)
 	- tweepy <unfixed> (low; bug #692444)
 CVE-2012-5824 (Trillian 5.1.0.19 does not verify that the server hostname matches a ...)
@@ -73,13 +73,13 @@
 	[squeeze] - lynx-cur <no-dsa> (Minor issue)
 	[wheezy] - lynx-cur <no-dsa> (Minor issue)
 CVE-2012-5820 (The developer-account sample code in Google AdMob does not verify that ...)
-	TODO: check
+	NOT-FOR-US: Google AdMob
 CVE-2012-5819 (FilesAnywhere does not verify that the server hostname matches a ...)
-	TODO: check
+	NOT-FOR-US: FilesAnywhere
 CVE-2012-5818 (ElephantDrive does not verify that the server hostname matches a ...)
-	TODO: check
+	NOT-FOR-US: ElephantDrive
 CVE-2012-5817 (Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools ...)
-	TODO: check
+	NOT-FOR-US: Codehaus XFire
 CVE-2012-5816 (AOL Instant Messenger (AIM) 1.0.1.2 does not verify that the server ...)
 	NOT-FOR-US: AOL Instant Messenger
 CVE-2012-5815 (The Rackspace app 2.1.5 for iOS does not verify that the server ...)
@@ -131,15 +131,15 @@
 CVE-2012-5792 (The Sage Pay Direct module in osCommerce does not verify that the ...)
 	NOT-FOR-US: osCommerce module
 CVE-2012-5791 (PayPal Invoicing does not verify that the server hostname matches a ...)
-	TODO: check
+	NOT-FOR-US: PayPal Invoicing
 CVE-2012-5790 (PayPal Payments Standard PHP Library 20120427 does not verify that the ...)
-	TODO: check
+	NOT-FOR-US: PayPal Payments Standard PHP Library
 CVE-2012-5789 (PayPal Payments Standard PHP Library before 20120427 does not verify ...)
-	TODO: check
+	NOT-FOR-US: PayPal Payments Standard PHP Library
 CVE-2012-5788 (The PayPal IPN utility does not verify that the server hostname ...)
-	TODO: check
+	NOT-FOR-US: The PayPal IPN utility
 CVE-2012-5787 (The PayPal merchant SDK does not verify that the server hostname ...)
-	TODO: check
+	NOT-FOR-US: The PayPal merchant SDK
 CVE-2012-5786 (The wsdl_first_https sample code in ...)
 	NOT-FOR-US: Apache CXF
 CVE-2012-5785 (Apache Axis2/Java 1.6.2 and earlier does not verify that the server ...)
@@ -149,11 +149,11 @@
 CVE-2012-5783 (Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments ...)
 	- commons-httpclient <unfixed> (bug #692442)
 CVE-2012-5782 (Amazon Flexible Payments Service (FPS) PHP Library does not verify ...)
-	TODO: check
+	NOT-FOR-US: Amazon Flexible Payments Service
 CVE-2012-5781 (Amazon Elastic Load Balancing API Tools does not verify that the ...)
-	TODO: check
+	NOT-FOR-US: Amazon Elastic Load Balancing API Tools
 CVE-2012-5780 (The Amazon merchant SDK does not verify that the server hostname ...)
-	TODO: check
+	NOT-FOR-US: The Amazon merchant SDK
 CVE-2012-5779
 	RESERVED
 CVE-2012-5778




More information about the Secure-testing-commits mailing list