[Secure-testing-commits] r27507 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Jun 27 17:55:04 UTC 2014
Author: jmm
Date: 2014-06-27 17:55:04 +0000 (Fri, 27 Jun 2014)
New Revision: 27507
Modified:
data/CVE/list
Log:
NFUs and some cleanups
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-27 15:29:53 UTC (rev 27506)
+++ data/CVE/list 2014-06-27 17:55:04 UTC (rev 27507)
@@ -371,7 +371,6 @@
- linux <unfixed>
- linux-2.6 <removed>
NOTE: http://article.gmane.org/gmane.linux.kernel/1726110
- TODO: check, not verified
CVE-2014-4504
RESERVED
CVE-2014-4503
@@ -684,10 +683,8 @@
RESERVED
CVE-2014-4349 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
- phpmyadmin <unfixed>
- TODO: check
CVE-2014-4348 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
- phpmyadmin <unfixed>
- TODO: check
CVE-2014-4347
RESERVED
CVE-2014-4346
@@ -1680,7 +1677,7 @@
CVE-2014-3884
RESERVED
CVE-2014-3883 (Usermin before 1.600 allows remote attackers to execute arbitrary ...)
- TODO: check
+ NOT-FOR-US: Usermin
CVE-2014-3882 (Cross-site request forgery (CSRF) vulnerability in the Login rebuilder ...)
TODO: check
CVE-2014-3881
@@ -1690,7 +1687,6 @@
- kfreebsd-8 <removed>
- kfreebsd-9 <unfixed>
- kfreebsd-10 10.0-6
- TODO: check
CVE-2014-3879
RESERVED
CVE-2014-3878 (Multiple cross-site scripting (XSS) vulnerabilities in the web client ...)
@@ -2589,7 +2585,6 @@
- qemu <unfixed>
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-06/msg05283.html
- TODO: check
CVE-2014-3470 (The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL ...)
{DSA-2950-1}
- openssl 1.0.1h-1 (bug #750665)
@@ -2780,7 +2775,7 @@
CVE-2014-3432
RESERVED
CVE-2014-3431 (Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x ...)
- TODO: check
+ NOT-FOR-US: Symantec PGP Desktop
CVE-2014-3429
RESERVED
CVE-2014-3428 (Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with ...)
@@ -3030,13 +3025,13 @@
CVE-2014-3300
RESERVED
CVE-2014-3299 (Cisco IOS allows remote authenticated users to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2014-3298
RESERVED
CVE-2014-3297
RESERVED
CVE-2014-3296 (The XML programmatic interface (XML PI) in Cisco WebEx Meeting Server ...)
- TODO: check
+ NOT-FOR-US: Cisco WebEx
CVE-2014-3295 (The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows ...)
NOT-FOR-US: Cisco NX-OS
CVE-2014-3294 (Cisco WebEx Meeting Server does not properly restrict the content of ...)
@@ -20979,7 +20974,6 @@
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://tracker.moodle.org/browse/MDL-41449
NOTE: https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats
- TODO: check, bug is currently private
CVE-2013-3629
RESERVED
CVE-2013-3628
@@ -27213,7 +27207,6 @@
CVE-2013-1442 (Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not ...)
- xen <unfixed>
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
- TODO: check, see NOTE
NOTE: advisory say: In Xen 4.0.2 through 4.0.4 as well as in Xen 4.1.x XSAVE support is disabled by default
CVE-2013-1441 (econvert in ExactImage 0.8.9 and earlier does not properly initialize ...)
{DSA-2754-1}
@@ -34526,7 +34519,7 @@
CVE-2012-5107
RESERVED
CVE-2012-5106 (Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: FreeFloat FTP Server
CVE-2012-5159 (phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror ...)
- phpmyadmin <not-affected>
CVE-2012-5105 (Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager ...)
More information about the Secure-testing-commits
mailing list