[Secure-testing-commits] r20466 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Thu Nov 8 20:51:32 UTC 2012
Author: federico-guest
Date: 2012-11-08 20:51:32 +0000 (Thu, 08 Nov 2012)
New Revision: 20466
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-11-08 13:38:04 UTC (rev 20465)
+++ data/CVE/list 2012-11-08 20:51:32 UTC (rev 20466)
@@ -45,21 +45,21 @@
CVE-2012-5826
RESERVED
CVE-2011-5243 (TwitterOAuth does not verify that the server hostname matches a domain ...)
- TODO: check
+ NOT-FOR-US: TwitterOAuth
CVE-2011-5242 (tmhOAuth before 0.61 does not verify that the server hostname matches ...)
- TODO: check
+ NOT-FOR-US: tmhOAuth
CVE-2011-5241 (Services_Twitter 0.6.3 does not verify that the server hostname ...)
NOT-FOR-US: PEAR module for Twitter
CVE-2011-5240 (Magento 1.5 and 1.6.2 does not verify that the server hostname matches ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2011-5239 (CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname ...)
TODO: check
CVE-2011-5238 (google-checkout-php-sample-code before 1.3.2 does not verify that the ...)
- TODO: check
+ NOT-FOR-US: google-checkout-php-sample-code
CVE-2011-5237 (PayPal WPS ToolKit does not verify that the server hostname matches a ...)
- TODO: check
+ NOT-FOR-US: PayPal WPS ToolKit
CVE-2011-5236 (Moneris eSelectPlus 2.03 PHP API does not verify that the server ...)
- TODO: check
+ NOT-FOR-US: Moneris eSelectPlus 2.03 PHP API
CVE-2012-5825 (Tweepy does not verify that the server hostname matches a domain name ...)
- tweepy <unfixed> (low; bug #692444)
CVE-2012-5824 (Trillian 5.1.0.19 does not verify that the server hostname matches a ...)
@@ -73,13 +73,13 @@
[squeeze] - lynx-cur <no-dsa> (Minor issue)
[wheezy] - lynx-cur <no-dsa> (Minor issue)
CVE-2012-5820 (The developer-account sample code in Google AdMob does not verify that ...)
- TODO: check
+ NOT-FOR-US: Google AdMob
CVE-2012-5819 (FilesAnywhere does not verify that the server hostname matches a ...)
- TODO: check
+ NOT-FOR-US: FilesAnywhere
CVE-2012-5818 (ElephantDrive does not verify that the server hostname matches a ...)
- TODO: check
+ NOT-FOR-US: ElephantDrive
CVE-2012-5817 (Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools ...)
- TODO: check
+ NOT-FOR-US: Codehaus XFire
CVE-2012-5816 (AOL Instant Messenger (AIM) 1.0.1.2 does not verify that the server ...)
NOT-FOR-US: AOL Instant Messenger
CVE-2012-5815 (The Rackspace app 2.1.5 for iOS does not verify that the server ...)
@@ -131,15 +131,15 @@
CVE-2012-5792 (The Sage Pay Direct module in osCommerce does not verify that the ...)
NOT-FOR-US: osCommerce module
CVE-2012-5791 (PayPal Invoicing does not verify that the server hostname matches a ...)
- TODO: check
+ NOT-FOR-US: PayPal Invoicing
CVE-2012-5790 (PayPal Payments Standard PHP Library 20120427 does not verify that the ...)
- TODO: check
+ NOT-FOR-US: PayPal Payments Standard PHP Library
CVE-2012-5789 (PayPal Payments Standard PHP Library before 20120427 does not verify ...)
- TODO: check
+ NOT-FOR-US: PayPal Payments Standard PHP Library
CVE-2012-5788 (The PayPal IPN utility does not verify that the server hostname ...)
- TODO: check
+ NOT-FOR-US: The PayPal IPN utility
CVE-2012-5787 (The PayPal merchant SDK does not verify that the server hostname ...)
- TODO: check
+ NOT-FOR-US: The PayPal merchant SDK
CVE-2012-5786 (The wsdl_first_https sample code in ...)
NOT-FOR-US: Apache CXF
CVE-2012-5785 (Apache Axis2/Java 1.6.2 and earlier does not verify that the server ...)
@@ -149,11 +149,11 @@
CVE-2012-5783 (Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments ...)
- commons-httpclient <unfixed> (bug #692442)
CVE-2012-5782 (Amazon Flexible Payments Service (FPS) PHP Library does not verify ...)
- TODO: check
+ NOT-FOR-US: Amazon Flexible Payments Service
CVE-2012-5781 (Amazon Elastic Load Balancing API Tools does not verify that the ...)
- TODO: check
+ NOT-FOR-US: Amazon Elastic Load Balancing API Tools
CVE-2012-5780 (The Amazon merchant SDK does not verify that the server hostname ...)
- TODO: check
+ NOT-FOR-US: The Amazon merchant SDK
CVE-2012-5779
RESERVED
CVE-2012-5778
More information about the Secure-testing-commits
mailing list