[Secure-testing-commits] r37959 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Nov 27 23:25:39 UTC 2015


Author: jmm
Date: 2015-11-27 23:25:39 +0000 (Fri, 27 Nov 2015)
New Revision: 37959

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-11-27 23:19:52 UTC (rev 37958)
+++ data/CVE/list	2015-11-27 23:25:39 UTC (rev 37959)
@@ -54,7 +54,6 @@
 	RESERVED
 CVE-2015-8342
 	REJECTED
-	TODO: check
 CVE-2015-8341
 	RESERVED
 CVE-2015-8340
@@ -89,9 +88,9 @@
 CVE-2015-8331
 	RESERVED
 CVE-2015-8330 (The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2015-8329 (SAP Manufacturing Integration and Intelligence (aka MII, formerly ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2015-8328 (Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU ...)
 	TODO: check
 CVE-2015-8327
@@ -329,7 +328,7 @@
 	NOTE: http://framework.zend.com/security/advisory/ZF2015-09
 	NOTE: https://github.com/zendframework/zf1/commit/4a41392f89bf510a8ab801eacb117fe7ea25b575
 CVE-2009-5149 (Arris DG860A, TG862A, and TG862G devices with firmware ...)
-	TODO: check
+	NOT-FOR-US: Arris hardware
 CVE-2015-XXXX [Missing bounds checking and verification of data type causes segfault]
 	- libmaxminddb <unfixed> (bug #805657)
 	NOTE: https://github.com/maxmind/libmaxminddb/commit/51255f113fe3c7b63ffe957636a7656a3ff9d1ff
@@ -350,23 +349,23 @@
 CVE-2015-8237
 	RESERVED
 CVE-2015-8236 (Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, ...)
-	TODO: check
+	NOT-FOR-US: Arista EOS
 CVE-2015-8235
 	RESERVED
 CVE-2015-8233 (Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x ...)
-	TODO: check
+	NOT-FOR-US: Drupal theme
 CVE-2015-8232 (The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not ...)
-	TODO: check
+	NOT-FOR-US: Drupal theme
 CVE-2015-8231
 	RESERVED
 CVE-2015-8230
 	RESERVED
 CVE-2015-8229 (Huawei eSpace U2980 unified gateway with software before V100R001C10 ...)
-	TODO: check
+	NOT-FOR-US: Huawai
 CVE-2015-8228 (Directory traversal vulnerability in the SFTP server in Huawei AR 120, ...)
-	TODO: check
+	NOT-FOR-US: Huawai
 CVE-2015-8227 (The built-in web server in Huawei VP9660 multi-point control unit with ...)
-	TODO: check
+	NOT-FOR-US: Huawai
 CVE-2015-8226
 	RESERVED
 CVE-2015-8225
@@ -378,9 +377,9 @@
 CVE-2015-8222 (The lxd-unix.socket systemd unit file in the Ubuntu lxd package before ...)
 	- lxd <itp> (bug #768073)
 CVE-2015-8221 (Integer overflow in Google Picasa before 3.9.140 Build 259 allows ...)
-	TODO: check
+	NOT-FOR-US: Google Picasa
 CVE-2015-8220 (Stack-based buffer overflow in the URI handler in DWRCC.exe in ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds remote control
 CVE-2015-8242 [Buffer overread with HTML parser in push mode in xmlSAX2TextNode]
 	RESERVED
 	- libxml2 <unfixed> (bug #805146)
@@ -615,7 +614,6 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273845
 	NOTE: https://groups.google.com/forum/#!topic/syzkaller/3twDUI4Cpm8
 	NOTE: http://www.openwall.com/lists/oss-security/2015/11/18/9
-	TODO: check
 CVE-2015-8317 [issues in the xmlParseXMLDecl function]
 	RESERVED
 	- libxml2 2.9.2+zdfsg1-4
@@ -670,7 +668,7 @@
 CVE-2015-8114
 	RESERVED
 CVE-2015-8113 (Untrusted search path vulnerability in the client in Symantec Endpoint ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2015-8112
 	RESERVED
 CVE-2015-8111
@@ -728,7 +726,7 @@
 CVE-2015-8097
 	RESERVED
 CVE-2015-8096 (Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 ...)
-	TODO: check
+	NOT-FOR-US: Google Picasa
 CVE-2015-8095 (The recycle bin feature in the Monster Menus module 7.x-1.21 before ...)
 	TODO: check
 CVE-2015-8094




More information about the Secure-testing-commits mailing list