[Secure-testing-commits] r22987 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Wed Jul 17 15:49:33 UTC 2013 

Author: carnil
Date: 2013-07-17 15:49:33 +0000 (Wed, 17 Jul 2013)
New Revision: 22987

Modified:
   data/CVE/list
Log:
add NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-07-17 15:12:28 UTC (rev 22986)
+++ data/CVE/list	2013-07-17 15:49:33 UTC (rev 22987)
@@ -128,7 +128,7 @@
 	[squeeze] - eglibc <no-dsa> (Incorrect hardening, only applies to statically linked binaries)
 	[wheezy] - eglibc <no-dsa> (Incorrect hardening, only applies to statically linked binaries)
 CVE-2013-4787 (Android 1.6 Donut through 4.2 Jelly Bean does not properly check ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2013-4786 (The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange ...)
 	TODO: check
 CVE-2013-4784 (The HP Integrated Lights-Out (iLO) BMC implementation allows remote ...)
@@ -2814,9 +2814,9 @@
 CVE-2013-3579 (The Lookout Mobile Security application before 8.17-8a39d3f for ...)
 	NOT-FOR-US: Lookout Mobile Security application for Android
 CVE-2013-3578 (SQL injection vulnerability in the Help Desk application in Wave ...)
-	TODO: check
+	NOT-FOR-US: ERAS
 CVE-2013-3577 (SQL injection vulnerability in the Help Desk application in Wave ...)
-	TODO: check
+	NOT-FOR-US: ERAS
 CVE-2013-3576 (ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote ...)
 	NOT-FOR-US: HP System Management Homepage
 CVE-2013-3575 (hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics ...)
@@ -3155,13 +3155,13 @@
 CVE-2013-3425
 	RESERVED
 CVE-2013-3424 (Cross-site request forgery (CSRF) vulnerability in Administration and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-3423 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3422 (Cross-site scripting (XSS) vulnerability in Administration pages in ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-3421 (Cross-site scripting (XSS) vulnerability in the Help index page in ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-3420
 	RESERVED
 CVE-2013-3419 (Cross-site scripting (XSS) vulnerability in Cisco Unified MeetingPlace ...)
@@ -4798,9 +4798,9 @@
 CVE-2013-2689
 	RESERVED
 CVE-2013-2688 (Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through ...)
-	TODO: check
+	NOT-FOR-US: QNX Software Development Platform
 CVE-2013-2687 (Stack-based buffer overflow in the bpe_decompress function in (1) ...)
-	TODO: check
+	NOT-FOR-US: QNX
 CVE-2013-2686 (main/http.c in the HTTP server in Asterisk Open Source 1.8.x before ...)
 	- asterisk 1:1.8.13.1~dfsg-2 (bug #704114)
 	[squeeze] - asterisk <not-affected> (httpd code does not read HTTP POST variables)

More information about the Secure-testing-commits mailing list