[Secure-testing-commits] r26876 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Thu May 8 19:37:26 UTC 2014 

Author: helmutg
Date: 2014-05-08 19:37:26 +0000 (Thu, 08 May 2014)
New Revision: 26876

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-05-08 16:14:06 UTC (rev 26875)
+++ data/CVE/list	2014-05-08 19:37:26 UTC (rev 26876)
@@ -534,9 +534,9 @@
 CVE-2014-2987
 	RESERVED
 CVE-2013-7373 (Android before 4.4 does not properly arrange for seeding of the ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2013-7372 (The engineNextBytes function in ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2011-5279 (CRLF injection vulnerability in the CGI implementation in Microsoft ...)
 	NOT-FOR-US: Microsoft IIS
 CVE-2014-3122 [mm: try_to_unmap_cluster() should lock_page() before mlocking]
@@ -2463,7 +2463,8 @@
 CVE-2014-2261
 	RESERVED
 CVE-2014-2260 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Ajenti
+	NOTE: Ubuntu package ajenti
 CVE-2014-2259 (Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 ...)
 	NOT-FOR-US: Siemens
 CVE-2014-2258 (Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow ...)
@@ -14245,15 +14246,15 @@
 CVE-2013-4727
 	RESERVED
 CVE-2013-4726 (Cross-site request forgery (CSRF) vulnerability in DDSN Interactive ...)
-	TODO: check
+	NOT-FOR-US: Acroa CMS
 CVE-2013-4725
 	RESERVED
 CVE-2013-4724
 	RESERVED
 CVE-2013-4723 (Open redirect vulnerability in DDSN Interactive cm3 Acora CMS ...)
-	TODO: check
+	NOT-FOR-US: Acora CMS
 CVE-2013-4722 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: Acora CMS
 CVE-2010-5288 (Buffer overflow in the lsConnectionCached function in editcp in ...)
 	NOT-FOR-US: EDItran Communications Platform
 CVE-2013-4721 (SQL injection vulnerability in the RSS feed from records extension ...)
@@ -15751,7 +15752,7 @@
 	- tomcat7 7.0.47
 	- tomcat8 8.0.0
 CVE-2013-4285 (A certain Gentoo patch for the PAM S/Key module does not properly ...)
-	TODO: check
+	NOT-FOR-US: pam_skey
 CVE-2013-4284 (Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers ...)
 	NOT-FOR-US: Cumin
 CVE-2013-4283 (ns-slapd in 389 Directory Server before 1.3.0.8 allows remote ...)

More information about the Secure-testing-commits mailing list