[Secure-testing-commits] r28716 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Thu Sep 11 15:05:36 UTC 2014 

Author: helmutg
Date: 2014-09-11 15:05:36 +0000 (Thu, 11 Sep 2014)
New Revision: 28716

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-11 10:22:52 UTC (rev 28715)
+++ data/CVE/list	2014-09-11 15:05:36 UTC (rev 28716)
@@ -1791,15 +1791,15 @@
 CVE-2014-5385 (com/salesmanager/central/profile/ProfileAction.java in Shopizer 1.1.5 ...)
 	NOT-FOR-US: Shopizer
 CVE-2014-5384 (The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 ...)
-	TODO: check
+	NOT-FOR-US: iconv system library of FreeBSD and NetBSD
 CVE-2014-5383 (SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows ...)
 	NOT-FOR-US: AlienVault OSSIM
 CVE-2010-5303 (Cross-site scripting (XSS) vulnerability in the displayError function ...)
-	TODO: check
+	NOT-FOR-US: TimThumb
 CVE-2010-5302 (Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb ...)
-	TODO: check
+	NOT-FOR-US: TimThumb
 CVE-2009-5142 (Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb ...)
-	TODO: check
+	NOT-FOR-US: TimThumb
 CVE-2014-5472 (The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the ...)
 	- linux 3.16.2-1
 	- linux-2.6 <removed>
@@ -4446,7 +4446,7 @@
 CVE-2014-4326 (Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote ...)
 	- logstash <itp> (bug #664841)
 CVE-2014-4325 (The cmd_boot function in app/aboot/aboot.c in the Little Kernel (LK) ...)
-	TODO: check
+	NOT-FOR-US: Little Kernel (bootloader)
 CVE-2014-4324
 	RESERVED
 CVE-2014-4323
@@ -5325,7 +5325,7 @@
 	- kfreebsd-9 <unfixed> (bug #754236)
 	- kfreebsd-10 <unfixed>
 CVE-2014-3951 (The HZ module in the iconv implementation in FreeBSD 10.0 before p6 ...)
-	TODO: check
+	NOT-FOR-US: iconv system library of FreeBSD and NetBSD
 CVE-2014-3950
 	RESERVED
 CVE-2014-3949 (Cross-site scripting (XSS) vulnerability in the layout wizard in the ...)
@@ -12953,9 +12953,9 @@
 CVE-2014-0975
 	RESERVED
 CVE-2014-0974 (The boot_linux_from_mmc function in app/aboot/aboot.c in the Little ...)
-	TODO: check
+	NOT-FOR-US: Little Kernel (bootloader)
 CVE-2014-0973 (The image_verify function in platform/msm_shared/image_verify.c in the ...)
-	TODO: check
+	NOT-FOR-US: Little Kernel (bootloader)
 CVE-2014-0972 (The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm ...)
 	- linux <not-affected> (affects drivers/gpu/msm, not merged in mainline)
 CVE-2013-7292 (VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote ...)

More information about the Secure-testing-commits mailing list