[Secure-testing-commits] r27006 - data/CVE
Helmut Grohne
helmutg at moszumanska.debian.org
Thu May 22 06:29:06 UTC 2014
Author: helmutg
Date: 2014-05-22 06:29:06 +0000 (Thu, 22 May 2014)
New Revision: 27006
Modified:
data/CVE/list
Log:
NFUs, gitlab itp, DSA-2912-1 fixed CVE-2014-0462 openjdk-6
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-05-22 05:01:38 UTC (rev 27005)
+++ data/CVE/list 2014-05-22 06:29:06 UTC (rev 27006)
@@ -718,11 +718,11 @@
CVE-2014-3457
RESERVED
CVE-2014-3456 (Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition ...)
- TODO: check
+ - gitlab <itp> (bug #651606)
CVE-2014-3455 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
- TODO: check
+ NOT-FOR-US: MediaWiki extension SemanticForms
CVE-2014-3454 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: MediaWiki extension SemanticForms
CVE-2014-3452 (Filters\LAV\avfilter-lav-4.dll in K-lite Codec 10.4.5 and earlier ...)
TODO: check
CVE-2014-3451
@@ -1730,7 +1730,7 @@
CVE-2014-2990
RESERVED
CVE-2014-2989 (Cross-site request forgery (CSRF) vulnerability in Open Assessment ...)
- TODO: check
+ NOT-FOR-US: Open Assessment Technologies TAO
CVE-2014-2988
RESERVED
CVE-2014-2987
@@ -1877,7 +1877,7 @@
CVE-2014-2929
RESERVED
CVE-2014-2928 (The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2014-2927
RESERVED
CVE-2014-2926
@@ -2791,7 +2791,7 @@
CVE-2014-2592
RESERVED
CVE-2014-2591 (Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 ...)
- TODO: check
+ NOT-FOR-US: AIX
CVE-2014-2590 (The web management interface in Siemens RuggedCom ROS before 3.11, ROS ...)
NOT-FOR-US: Siemens RuggedCom ROS
CVE-2014-2589 (Cross-site scripting (XSS) vulnerability in the Dashboard Backend ...)
@@ -3565,7 +3565,7 @@
CVE-2014-2302
RESERVED
CVE-2014-2301 (OrbiTeam BSCW before 5.0.8 allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: OrbiTeam BSCW
CVE-2014-2300
RESERVED
CVE-2014-2299 (Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the ...)
@@ -4326,7 +4326,7 @@
CVE-2014-1992
RESERVED
CVE-2014-1991 (Open redirect vulnerability in WebPlatform / AppFramework 6.0 through ...)
- TODO: check
+ NOT-FOR-US: NTT DATA INTRAMART
CVE-2014-1990 (Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the ...)
NOT-FOR-US: TOSHIBA TEC e-Studio
CVE-2014-1989 (Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to ...)
@@ -6747,11 +6747,11 @@
CVE-2014-0947
RESERVED
CVE-2014-0946 (The RES Console in Rule Execution Server in IBM Operational Decision ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-0945 (Cross-site scripting (XSS) vulnerability in the RES Console in Rule ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-0944 (Cross-site request forgery (CSRF) vulnerability in the RES Console in ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-0943
RESERVED
CVE-2014-0942 (Cross-site scripting (XSS) vulnerability in ...)
@@ -8061,7 +8061,7 @@
- openjdk-6 <not-affected> (Only affects Java 8)
CVE-2014-0462 (Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux ...)
{DSA-2912-1}
- TODO: check
+ - openjdk-6 6b31-1.13.3-1
CVE-2014-0461 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
@@ -20888,7 +20888,7 @@
CVE-2013-2706 (Cross-site request forgery (CSRF) vulnerability in the Stream Video ...)
NOT-FOR-US: WordPress plugin Stream Video Player
CVE-2013-2705 (Cross-site request forgery (CSRF) vulnerability in the WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Simple Paypal Shopping Cart
CVE-2013-2704 (Cross-site request forgery (CSRF) vulnerability in the Dropdown Menu ...)
NOT-FOR-US: WordPress plugin Dropdown Menu Widget
CVE-2013-2703 (Cross-site request forgery (CSRF) vulnerability in the Facebook ...)
More information about the Secure-testing-commits
mailing list