[Secure-testing-commits] r27465 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Thu Jun 26 21:26:45 UTC 2014


Author: helmutg
Date: 2014-06-26 21:26:45 +0000 (Thu, 26 Jun 2014)
New Revision: 27465

Modified:
   data/CVE/list
Log:
NFUs, fckeditor?

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-06-26 21:13:24 UTC (rev 27464)
+++ data/CVE/list	2014-06-26 21:26:45 UTC (rev 27465)
@@ -1223,6 +1223,10 @@
 CVE-2014-4038 (ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a ...)
 	- ppc64-diag <itp> (bug #740179)
 CVE-2014-4037 (Cross-site scripting (XSS) vulnerability in ...)
+	- fckeditor <undetermined>
+	- docvert <removed>
+	- moin <not-affected> (unused emebdded copy)
+	- knowledgeroot <not-affected> (unused embedded copy)
 	TODO: check
 CVE-2014-4036 (Cross-site scripting (XSS) vulnerability in modules/system/admin.php ...)
 	NOT-FOR-US: ImpressCMS
@@ -2962,11 +2966,11 @@
 CVE-2014-3290 (The mDNS implementation in Cisco IOS XE 3.12S does not properly ...)
 	NOT-FOR-US: Cisco IOS XE
 CVE-2014-3289 (Cross-site scripting (XSS) vulnerability in the web management ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2014-3288
 	RESERVED
 CVE-2014-3287 (SQL injection vulnerability in BulkViewFileContentsAction.java in the ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2014-3286 (The web framework in Cisco WebEx Meeting Server does not properly ...)
 	NOT-FOR-US: Cisco WebEx Meeting Server
 CVE-2014-3285 (Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when ...)
@@ -25944,7 +25948,7 @@
 CVE-2013-1757
 	RESERVED
 CVE-2013-1756 (The Dragonfly gem 0.7 before 0.8.6 and 0.9.x before 0.9.13 for Ruby, ...)
-	TODO: check
+	NOT-FOR-US: Dragonfly Ruby gem
 CVE-2013-1755
 	RESERVED
 CVE-2013-1754




More information about the Secure-testing-commits mailing list