[Secure-testing-commits] r31092 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Fri Jan 2 16:30:06 UTC 2015 

Author: helmutg
Date: 2015-01-02 16:30:06 +0000 (Fri, 02 Jan 2015)
New Revision: 31092

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-02 16:29:57 UTC (rev 31091)
+++ data/CVE/list	2015-01-02 16:30:06 UTC (rev 31092)
@@ -1,3 +1,7 @@
+CVE-2014-9433 (Multiple cross-site scripting (XSS) vulnerabilities in cms/front_content.php ...)
+	NOT-FOR-US: Contenido CMS
+CVE-2014-9432 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	NOT-FOR-US: Serendipity
 CVE-2014-XXXX [denial of service with specific packets]
 	- libhtp <unfixed>
 	NOTE: https://redmine.openinfosecfoundation.org/issues/1272
@@ -25,7 +29,7 @@
 CVE-2014-9415 (Huawei eSpace Desktop before V100R001C03 allows local users to ...)
 	NOT-FOR-US: Huawei
 CVE-2014-9414 (The W3 Total Cache plugin before 0.9.4.1 for WordPress does not ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin W3 Total Cache
 CVE-2014-9413 (Multiple cross-site request forgery (CSRF) vulnerabilities in the IP ...)
 	NOT-FOR-US: IP Ban (simple-ip-ban) plugin for WordPress
 CVE-2014-XXXX [dwarfdump use after free]
@@ -28563,7 +28567,7 @@
 CVE-2013-5960 (The authenticated-encryption feature in the symmetric-encryption ...)
 	NOT-FOR-US: OWASP Enterprise Security API for Java
 CVE-2013-5958 (The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before ...)
-	TODO: check
+	NOT-FOR-US: Symfony
 CVE-2013-5957 (Multiple SQL injection vulnerabilities in ...)
 	NOT-FOR-US: CiviCRM
 CVE-2013-5956 (Cross-site scripting (XSS) vulnerability in includes/flvthumbnail.php ...)
@@ -31705,7 +31709,7 @@
 CVE-2013-4664
 	RESERVED
 CVE-2013-4663 (git_http_controller.rb in the redmine_git_hosting plugin for Redmine ...)
-	TODO: check
+	NOT-FOR-US: Redmine plugin redmine_git_hosting
 CVE-2013-4662 (The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through ...)
 	NOT-FOR-US: CiviCRM
 CVE-2013-4661 (CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly ...)

More information about the Secure-testing-commits mailing list