[Secure-testing-commits] r27202 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Wed Jun 11 03:27:27 UTC 2014 

Author: helmutg
Date: 2014-06-11 03:27:26 +0000 (Wed, 11 Jun 2014)
New Revision: 27202

Modified:
   data/CVE/list
Log:
NFUs, CVE-2014-3227 somehow belongs to dpkg mess

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-06-10 21:14:19 UTC (rev 27201)
+++ data/CVE/list	2014-06-11 03:27:26 UTC (rev 27202)
@@ -99,13 +99,13 @@
 CVE-2014-3926
 	RESERVED
 CVE-2014-3924 (Multiple cross-site scripting (XSS) vulnerabilities in Webmin before ...)
-	TODO: check
+	NOT-FOR-US: Webmin
 CVE-2014-3923 (Multiple cross-site scripting (XSS) vulnerabilities in the Digital ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin Digital Zoom Studio Video Gallery
 CVE-2014-3922 (Cross-site scripting (XSS) vulnerability in Trend Micro InterScan ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro InterScan
 CVE-2014-3921 (Cross-site scripting (XSS) vulnerability in popup.php in the Simple ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin Simple Popup Images
 CVE-2013-7387 (Session fixation vulnerability in DataLife Engine (DLE) 9.7 and ...)
 	TODO: check
 CVE-2011-5280 (Multiple stack-based buffer overflows in BOINC 6.13.x allow remote ...)
@@ -493,7 +493,7 @@
 	RESERVED
 	- dotclear 2.6.3+dfsg-1
 CVE-2014-3780 (Unspecified vulnerability in Citrix VDI-In-A-Box 5.3.x before 5.3.8 ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2014-3779
 	RESERVED
 CVE-2014-3778
@@ -1673,6 +1673,7 @@
 CVE-2014-3228
 	RESERVED
 CVE-2014-3227 (dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect ...)
+	- dpkg <undetermined>
 	TODO: check
 CVE-2014-3226
 	RESERVED
@@ -2201,7 +2202,7 @@
 CVE-2014-3011
 	RESERVED
 CVE-2014-3010 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2014-3009
 	RESERVED
 CVE-2014-3008 (Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to ...)
@@ -3955,11 +3956,11 @@
 CVE-2014-2355
 	RESERVED
 CVE-2014-2354 (Cogent DataHub before 7.3.5 does not use a salt during password ...)
-	TODO: check
+	NOT-FOR-US: Cogent DataHub
 CVE-2014-2353 (Cross-site scripting (XSS) vulnerability in Cogent DataHub before ...)
-	TODO: check
+	NOT-FOR-US: Cogent DataHub
 CVE-2014-2352 (Directory traversal vulnerability in Cogent DataHub before 7.3.5 ...)
-	TODO: check
+	NOT-FOR-US: Cogent DataHub
 CVE-2014-2351 (SQL injection vulnerability in the LiveData service in CSWorks before ...)
 	NOT-FOR-US: CSWorks
 CVE-2014-2350 (Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded ...)

More information about the Secure-testing-commits mailing list