[Secure-testing-commits] r21558 - data/CVE

Helmut Grohne helmut-guest at alioth.debian.org
Sat Mar 9 12:43:25 UTC 2013 

Author: helmut-guest
Date: 2013-03-09 12:43:25 +0000 (Sat, 09 Mar 2013)
New Revision: 21558

Modified:
   data/CVE/list
Log:
NFUs, krb5 #702633

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-03-09 09:52:34 UTC (rev 21557)
+++ data/CVE/list	2013-03-09 12:43:25 UTC (rev 21558)
@@ -3061,7 +3061,7 @@
 CVE-2013-1141 (The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) ...)
 	NOT-FOR-US: Cisco Wireless LAN Controller
 CVE-2013-1140 (The XML parser in Cisco Security Monitoring, Analysis, and Response ...)
-	TODO: check
+	NOT-FOR-US: Cisco Security MARS
 CVE-2013-1139 (The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 ...)
 	NOT-FOR-US: Cisco Cloud Portal
 CVE-2013-1138 (The NAT process on Cisco Adaptive Security Appliances (ASA) devices ...)
@@ -3484,7 +3484,7 @@
 CVE-2013-0932
 	RESERVED
 CVE-2013-0931 (EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not ...)
-	TODO: check
+	NOT-FOR-US: EMC RSA
 CVE-2013-0930 (Buffer overflow in Drive Control Program (DCP) in EMC AlphaStor 4.0 ...)
 	NOT-FOR-US: EMC AlphaStor
 CVE-2013-0929 (Format string vulnerability in the _vsnsprintf function in rrobotd.exe ...)
@@ -4097,9 +4097,9 @@
 CVE-2013-0710 (Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows ...)
 	NOT-FOR-US: Kingsoft Writer
 CVE-2013-0709 (Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091 allows ...)
-	TODO: check
+	NOT-FOR-US: Bayashi dopvSTAR
 CVE-2013-0708 (Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows ...)
-	TODO: check
+	NOT-FOR-US: Bayashi dopvCOMET
 CVE-2013-0707 (Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, ...)
 	NOT-FOR-US: JustSystems Ichitaro
 CVE-2013-0706 (NEC Universal RAID Utility 1.40 Rev 680 and earlier, 2.31 Rev 1492 and ...)
@@ -7149,13 +7149,13 @@
 CVE-2012-5943
 	RESERVED
 CVE-2012-5942 (Cross-site scripting (XSS) vulnerability in the Data Management Portal ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli TADDM
 CVE-2012-5941 (Cross-site scripting (XSS) vulnerability in the WebAdmin application ...)
 	NOT-FOR-US: IBM
 CVE-2012-5940 (The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM ...)
 	NOT-FOR-US: IBM
 CVE-2012-5939 (Cross-site scripting (XSS) vulnerability in Welcome.do in the Data ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli TADDM
 CVE-2012-5938
 	RESERVED
 CVE-2012-5937
@@ -9394,7 +9394,7 @@
 CVE-2012-5054 (Integer overflow in the copyRawDataTo method in the Matrix3D class in ...)
 	NOT-FOR-US: Adobe Flash player
 CVE-2012-5053 (Cross-site scripting (XSS) vulnerability in the Receiver Web User ...)
-	TODO: check
+	NOT-FOR-US: Trimble Infrastructure GNSS Series Receivers
 CVE-2012-5052
 	RESERVED
 CVE-2012-5051 (Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows ...)
@@ -19871,7 +19871,7 @@
 	- acidbase <unfixed> (low; bug #659287)
 	[squeeze] - acidbase <no-dsa> (Minor issue)
 CVE-2012-1016 (The pkinit_server_return_padata function in ...)
-	TODO: check
+	- krb5 <undetermined> (bug #702633)
 CVE-2012-1015 (The kdc_handle_protected_negotiation function in the Key Distribution ...)
 	{DSA-2518-1}
 	- krb5 1.10.1+dfsg-2 (bug #683429)

More information about the Secure-testing-commits mailing list