[Secure-testing-commits] r36891 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Sep 29 15:01:58 UTC 2015 

Author: carnil
Date: 2015-09-29 15:01:58 +0000 (Tue, 29 Sep 2015)
New Revision: 36891

Modified:
   data/CVE/list
Log:
Update a couple of TODOs, mark as NFU

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-09-29 15:01:48 UTC (rev 36890)
+++ data/CVE/list	2015-09-29 15:01:58 UTC (rev 36891)
@@ -18,9 +18,9 @@
 CVE-2015-7376
 	RESERVED
 CVE-2015-7375 (Schneider Electric InduSoft Web Studio before 8.0 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric InduSoft Web Studio
 CVE-2015-7374 (The Remote Agent component in Schneider Electric InduSoft Web Studio ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric InduSoft Web Studio
 CVE-2015-7373
 	RESERVED
 CVE-2015-7372
@@ -166,7 +166,7 @@
 CVE-2015-7304 (Cross-site scripting (XSS) vulnerability in the amoCRM module 7.x-1.x ...)
 	TODO: check
 CVE-2015-7303 (Use-after-free vulnerability in the Update Manager service in Avira ...)
-	TODO: check
+	NOT-FOR-US: Avira
 CVE-2015-7302
 	RESERVED
 CVE-2015-7301
@@ -197,7 +197,7 @@
 	[squeeze] - xen <not-affected> (Only affects 4.1 and later)
 	NOTE: http://xenbits.xen.org/xsa/advisory-142.html
 CVE-2015-7296 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 ...)
-	TODO: check
+	NOT-FOR-US: Securifi Almond devices
 CVE-2015-7294
 	RESERVED
 CVE-2015-7293
@@ -931,9 +931,9 @@
 CVE-2015-6946 (Multiple stack-based buffer overflows in the Reprise License Manager ...)
 	NOT-FOR-US: Borland AccuRev
 CVE-2015-6945 (Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador ...)
-	TODO: check
+	NOT-FOR-US: JSP/MySQL Administrador Web 1
 CVE-2015-6944 (Cross-site request forgery (CSRF) vulnerability in JSP/MySQL ...)
-	TODO: check
+	NOT-FOR-US: JSP/MySQL Administrador Web 1
 CVE-2015-6943 (SQL injection vulnerability in the serendipity_checkCommentToken ...)
 	NOT-FOR-US: Serendipity
 CVE-2015-6942
@@ -2181,7 +2181,7 @@
 CVE-2015-6464 (The administrative web interface on Moxa EDS-405A and EDS-408A ...)
 	NOT-FOR-US: Moxa switches
 CVE-2015-6463 (CodeWrights HART Comm DTM components, as used with Endress+Hauser ...)
-	TODO: check
+	NOT-FOR-US: CodeWrights HART Comm DTM components
 CVE-2015-6462
 	RESERVED
 CVE-2015-6461
@@ -2493,7 +2493,7 @@
 CVE-2015-6308
 	RESERVED
 CVE-2015-6307 (Cisco FirePOWER (formerly Sourcefire) 7000 and 8000 devices with ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-6306 (Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does ...)
 	NOT-FOR-US: Cisco
 CVE-2015-6305 (Untrusted search path vulnerability in the ...)

More information about the Secure-testing-commits mailing list