[Secure-testing-commits] r27556 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Wed Jul 2 06:00:11 UTC 2014 

Author: helmutg
Date: 2014-07-02 06:00:11 +0000 (Wed, 02 Jul 2014)
New Revision: 27556

Modified:
   data/CVE/list
Log:
NFUs and undetermined affects nova, cinder, mojarra

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-07-01 21:14:09 UTC (rev 27555)
+++ data/CVE/list	2014-07-02 06:00:11 UTC (rev 27556)
@@ -6515,7 +6515,7 @@
 CVE-2014-2002 (Cross-site scripting (XSS) vulnerability in C-BOARD Moyuku 1.01b6 and ...)
 	NOT-FOR-US: C-BOARD Moyuku
 CVE-2014-2001 (The East Japan Railway Company JR East Japan application before 1.2.0 ...)
-	TODO: check
+	NOT-FOR-US: Android application for East Japan Railway Company
 CVE-2014-2000 (The NTT 050 plus application before 4.2.1 for Android allows attackers ...)
 	NOT-FOR-US: NTT application for Android
 CVE-2014-1999
@@ -28243,6 +28243,8 @@
 CVE-2013-1069 (Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable ...)
 	NOT-FOR-US: Ubuntu MAAS
 CVE-2013-1068 (The OpenStack Nova (python-nova) package 1:2013.2.3-0 before ...)
+	- nova <undetermined>
+	- cinder <undetermined>
 	TODO: check
 CVE-2013-1067 (Apport 2.12.5 and earlier uses weak permissions for core dump files ...)
 	- apport 2.12.6-1 (bug #727661)
@@ -42919,7 +42921,7 @@
 CVE-2012-2053 (The sudoers file in the Linux system configuration in F5 FirePass ...)
 	NOT-FOR-US: F5 Firepass
 CVE-2012-2052 (Stack-based buffer overflow in the U3D.8BI library plugin in Adobe ...)
-	TODO: check
+	NOT-FOR-US: Adobe Photoshop plugin U3D.8BI library
 CVE-2012-2051 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2012-2050 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x ...)
@@ -49886,6 +49888,7 @@
 CVE-2011-4368 (Cross-site scripting (XSS) vulnerability in Remote Development ...)
 	NOT-FOR-US: Adobe Cold Fusion
 CVE-2011-4367 (Multiple directory traversal vulnerabilities in MyFaces JavaServer ...)
+	- mojarra <undetermined>
 	TODO: check
 CVE-2011-4366
 	RESERVED
@@ -55482,7 +55485,7 @@
 CVE-2011-2593
 	RESERVED
 CVE-2011-2592 (Heap-based buffer overflow in the StartEpa method in the nsepacom ...)
-	TODO: check
+	NOT-FOR-US: ActiveX control for Citrix Access Gateway
 CVE-2011-2591 (Multiple buffer overflows in the Provideo ActiveX controls allow ...)
 	NOT-FOR-US: Provideo ActiveX
 CVE-2011-2590 (The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 ...)

More information about the Secure-testing-commits mailing list