[Secure-testing-commits] r26963 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Mon May 19 06:06:26 UTC 2014 

Author: helmutg
Date: 2014-05-19 06:06:26 +0000 (Mon, 19 May 2014)
New Revision: 26963

Modified:
   data/CVE/list
Log:
NFUs, 1 foreman itp

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-05-19 05:13:31 UTC (rev 26962)
+++ data/CVE/list	2014-05-19 06:06:26 UTC (rev 26963)
@@ -6038,7 +6038,7 @@
 CVE-2014-0964
 	RESERVED
 CVE-2014-0963 (The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in ...)
-	TODO: check
+	NOT-FOR-US: IBM Global Security Kit
 CVE-2014-0962
 	RESERVED
 CVE-2014-0961
@@ -6138,7 +6138,7 @@
 CVE-2014-0914
 	RESERVED
 CVE-2014-0913 (Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino ...)
-	TODO: check
+	NOT-FOR-US: IBM iNotes
 CVE-2014-0912
 	RESERVED
 CVE-2014-0911 (inetd in IBM WebSphere MQ 7.1.x before 7.1.0.5 and 7.5.x before ...)
@@ -6896,7 +6896,7 @@
 CVE-2014-0596
 	RESERVED
 CVE-2014-0595 (/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open ...)
-	TODO: check
+	NOT-FOR-US: Novel OES
 CVE-2014-0594
 	RESERVED
 CVE-2014-0593
@@ -8074,7 +8074,7 @@
 CVE-2014-0363 (The ServerTrustManager component in the Ignite Realtime Smack XMPP API ...)
 	NOT-FOR-US: smack userspace tools, was once ITPed, but closed (637964)
 CVE-2014-0362 (Cross-site scripting (XSS) vulnerability on Google Search Appliance ...)
-	TODO: check
+	NOT-FOR-US: Google Search Appliance
 CVE-2014-0361 (The default configuration of IBM 4690 OS, as used in Toshiba Global ...)
 	NOT-FOR-US: IBM
 CVE-2014-0360
@@ -8939,7 +8939,8 @@
 CVE-2014-0136
 	RESERVED
 CVE-2014-0135 (Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses ...)
-	TODO: check
+	NOT-FOR-US: Kafo
+	NOTE: Might be packaged after foreman (ITP bug #663101)
 CVE-2014-0134 (The instance rescue mode in OpenStack Compute (Nova) 2013.2 before ...)
 	- nova 2013.2.2-4 (bug #742712)
 	[wheezy] - nova <not-affected> (Introduced in Grizzly)
@@ -14139,7 +14140,7 @@
 CVE-2013-5017
 	RESERVED
 CVE-2013-5016 (Symantec Critical System Protection (SCSP) before 5.2.9, when ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2013-5015 (SQL injection vulnerability in the management console in Symantec ...)
 	NOT-FOR-US: Symantec Endpoint Protection
 CVE-2013-5014 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
@@ -27941,7 +27942,7 @@
 	NOTE: patch: https://sourceforge.net/u/lvella/pam-pgsql/ci/9361f5970e5dd90a747319995b67c2f73b91448c/
 	NOTE: bugreport: https://sourceforge.net/p/pam-pgsql/bugs/13/
 CVE-2013-0187 (Foreman before 1.1 allows remote authenticated users to gain ...)
-	TODO: check
+	- foreman <itp> (bug #663101)
 CVE-2013-0186
 	RESERVED
 	NOT-FOR-US: ManageIQ EVM (CloudForms)

More information about the Secure-testing-commits mailing list