[Secure-testing-commits] r26948 - data/CVE
Helmut Grohne
helmutg at moszumanska.debian.org
Sat May 17 06:25:39 UTC 2014
Author: helmutg
Date: 2014-05-17 06:25:39 +0000 (Sat, 17 May 2014)
New Revision: 26948
Modified:
data/CVE/list
Log:
NFUs, undetermined kfreebsd issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-05-17 06:07:03 UTC (rev 26947)
+++ data/CVE/list 2014-05-17 06:25:39 UTC (rev 26948)
@@ -501,9 +501,9 @@
CVE-2014-3221
RESERVED
CVE-2014-3220 (F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IQ
CVE-2013-7375 (SQL injection vulnerability in includes/classes/Authenticate.class.php ...)
- TODO: check
+ NOT-FOR-US: PHP-Fusion
CVE-2014-3145 (The BPF_S_ANC_NLATTR_NEST extension implementation in the ...)
- linux 3.14.4-1
- linux-2.6 <removed>
@@ -1018,7 +1018,7 @@
CVE-2014-3002
RESERVED
CVE-2014-3001 (The device file system (aka devfs) in FreeBSD 10.0 before p2 does not ...)
- TODO: check
+ - kfreebsd-10 <undetermined>
CVE-2014-3000 (The TCP reassembly function in the inet module in FreeBSD 8.3 before ...)
- kfreebsd-10 10.0-5 (bug #746949)
- kfreebsd-9 <unfixed> (bug #746951)
@@ -1400,7 +1400,7 @@
- llvm-toolchain-3.3 <unfixed>
- llvm-toolchain-3.4 <unfixed>
CVE-2014-2854 (Cross-site scripting (XSS) vulnerability in the SemanticTitle ...)
- TODO: check
+ NOT-FOR-US: MediaWiki extension SemanticTitle
CVE-2014-2853 (Cross-site scripting (XSS) vulnerability in ...)
- mediawiki <not-affected> (Vulnerable code not present)
CVE-2014-2852 (OpenAFS before 1.6.7 delays the listen thread when an ...)
@@ -1817,7 +1817,7 @@
CVE-2014-2690 (Citrix VDI-in-a-Box 5.3.x before 5.3.6 and 5.4.x before 5.4.3 allows ...)
NOT-FOR-US: Citrix VDI-in-a-Box
CVE-2014-2689 (Cross-site scripting (XSS) vulnerability in Offiria 2.1.0 and earlier ...)
- TODO: check
+ NOT-FOR-US: Offiria
CVE-2014-2688
RESERVED
CVE-2014-2687
@@ -2744,7 +2744,7 @@
CVE-2014-2348
RESERVED
CVE-2014-2347 (Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage ...)
- TODO: check
+ NOT-FOR-US: Amtelco miSecureMessages
CVE-2014-2346
RESERVED
CVE-2014-2345
@@ -3635,9 +3635,9 @@
CVE-2014-1990 (Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the ...)
NOT-FOR-US: TOSHIBA TEC e-Studio
CVE-2014-1989 (Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: Cybozu Garoon
CVE-2014-1988 (The Phone Messages feature in Cybozu Garoon 2.0.0 through 3.7 SP2 ...)
- TODO: check
+ NOT-FOR-US: Cybozu Garoon
CVE-2014-1987
RESERVED
CVE-2014-1986 (The Content Provider in the KOKUYO CamiApp application 1.21.1 and ...)
@@ -6112,7 +6112,7 @@
CVE-2014-0912
RESERVED
CVE-2014-0911 (inetd in IBM WebSphere MQ 7.1.x before 7.1.0.5 and 7.5.x before ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere MQ
CVE-2014-0910
RESERVED
CVE-2014-0909
@@ -9800,7 +9800,7 @@
CVE-2013-6727 (The Connect client in IBM Sametime 8.5.2 through 8.5.2.1 and 9.0 ...)
NOT-FOR-US: IBM Sametime
CVE-2013-6726 (Multiple cross-site scripting (XSS) vulnerabilities in WebProcess.srv ...)
- TODO: check
+ NOT-FOR-US: IBM TRIRIGA Application Platform
CVE-2013-6725 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
NOT-FOR-US: IBM WebSphere
CVE-2013-6724 (Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS ...)
@@ -17718,7 +17718,7 @@
CVE-2013-3737
RESERVED
CVE-2013-3736 (Cross-site scripting (XSS) vulnerability in the MobileUI (aka ...)
- TODO: check
+ NOT-FOR-US: Request Tracker extension MobileUI
CVE-2013-3735 (** DISPUTED ** The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 ...)
- php5 <unfixed> (unimportant)
NOTE: exploitable by malicious scripts only
@@ -22917,7 +22917,7 @@
CVE-2013-1804 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion ...)
NOT-FOR-US: PHP-Fusion
CVE-2013-1803 (Multiple SQL injection vulnerabilities in PHP-Fusion before 7.02.06 ...)
- TODO: check
+ NOT-FOR-US: PHP-Fusion
CVE-2013-1802 (The extlib gem 0.9.15 and earlier for Ruby does not properly restrict ...)
- ruby-extlib 0.9.15-3 (bug #697895)
- libextlib-ruby <removed> (bug #697895)
More information about the Secure-testing-commits
mailing list