[Secure-testing-commits] r34301 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat May 16 04:09:49 UTC 2015 

Author: carnil
Date: 2015-05-16 04:09:49 +0000 (Sat, 16 May 2015)
New Revision: 34301

Modified:
   data/CVE/list
Log:
Process round of NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-05-16 04:05:08 UTC (rev 34300)
+++ data/CVE/list	2015-05-16 04:09:49 UTC (rev 34301)
@@ -1,7 +1,7 @@
 CVE-2015-3987 (Multiple unquoted Windows search path vulnerabilities in the (1) ...)
 	TODO: check
 CVE-2015-3986 (Cross-site request forgery (CSRF) vulnerability in the TheCartPress ...)
-	TODO: check
+	NOT-FOR-US: TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress
 CVE-2015-3985
 	RESERVED
 CVE-2015-3984
@@ -1710,9 +1710,9 @@
 CVE-2015-3302
 	RESERVED
 CVE-2015-3301 (Directory traversal vulnerability in the TheCartPress eCommerce ...)
-	TODO: check
+	NOT-FOR-US: TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress
 CVE-2015-3300 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress
 CVE-2015-3299
 	RESERVED
 CVE-2015-3298
@@ -4623,9 +4623,9 @@
 CVE-2015-2235
 	REJECTED
 CVE-2015-2234 (Race condition in Lenovo System Update (formerly ThinkVantage System ...)
-	TODO: check
+	NOT-FOR-US: Lenovo System Update
 CVE-2015-2233 (Lenovo System Update (formerly ThinkVantage System Update) before ...)
-	TODO: check
+	NOT-FOR-US: Lenovo System Update
 CVE-2015-2232
 	RESERVED
 CVE-2015-2231
@@ -4660,7 +4660,7 @@
 CVE-2015-2220 (Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms ...)
 	NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2015-2219 (Lenovo System Update (formerly ThinkVantage System Update) before ...)
-	TODO: check
+	NOT-FOR-US: Lenovo System Update
 CVE-2015-2218 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
 	NOT-FOR-US: wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin for WordPress
 CVE-2015-2217 (Multiple cross-site scripting (XSS) vulnerabilities in Ultimate PHP ...)

More information about the Secure-testing-commits mailing list