[Secure-testing-commits] r41023 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Apr 20 13:53:06 UTC 2016 

Author: jmm
Date: 2016-04-20 13:53:06 +0000 (Wed, 20 Apr 2016)
New Revision: 41023

Modified:
   data/CVE/list
Log:
brltty no-dsa
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-04-20 09:19:57 UTC (rev 41022)
+++ data/CVE/list	2016-04-20 13:53:06 UTC (rev 41023)
@@ -155,6 +155,8 @@
 	RESERVED
 CVE-2016-XXXX [auth bypass]
 	- brltty <unfixed>
+	[wheezy] - brltty <no-dsa> (Minor issue)
+	[jessie] - brltty <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=967436
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/04/12/4
 	TODO: check
@@ -186,9 +188,9 @@
 CVE-2016-3987 (The HTTP server in Trend Micro Password Manager allows remote web ...)
 	NOT-FOR-US: Trend Micro
 CVE-2016-3986 (Avast allows remote attackers to cause a denial of service (memory ...)
-	TODO: check
+	NOT-FOR-US: Avast
 CVE-2016-3985 (The Terminal Services Remote Desktop Protocol (RDP) client session ...)
-	TODO: check
+	NOT-FOR-US: Pulse Connect Secure
 CVE-2016-3984 (The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response ...)
 	NOT-FOR-US: McAfee
 CVE-2016-3983 (McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow ...)
@@ -200,7 +202,7 @@
 CVE-2016-3978 (The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x ...)
 	NOT-FOR-US: FortiOS
 CVE-2015-8841 (Heap-based buffer overflow in the Archive support module in ESET NOD32 ...)
-	TODO: check
+	NOT-FOR-US: ESET NOD32
 CVE-2016-4002 [net: buffer overflow in MIPSnet emulator]
 	RESERVED
 	- qemu <unfixed> (bug #821061)
@@ -347,7 +349,7 @@
 CVE-2016-3964
 	RESERVED
 CVE-2016-3963 (Siemens SCALANCE S613 allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2016-3992 [uses predictable temporary files]
 	RESERVED
 	- cronic 3-1 (bug #820331)
@@ -972,13 +974,13 @@
 	- libv8 <unfixed> (unimportant)
 	NOTE: libv8 not covered by security support
 CVE-2016-3678 (Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2016-3677
 	RESERVED
 CVE-2016-3676 (Huawei E3276s USB modems with software before ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2016-3675 (SQL injection vulnerability in Huawei Policy Center with software ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2016-3673
 	RESERVED
 CVE-2016-3672 [Unlimiting the stack not longer disables ASLR]
@@ -1615,6 +1617,7 @@
 	NOT-FOR-US: Solaris
 CVE-2016-3418
 	RESERVED
+	NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
 CVE-2016-3417
 	RESERVED
 CVE-2016-3416
@@ -10497,17 +10500,20 @@
 	- openjdk-6 <removed>
 CVE-2016-0694
 	RESERVED
+	NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
 CVE-2016-0693
 	RESERVED
 	NOT-FOR-US: Solaris
 CVE-2016-0692
 	RESERVED
+	NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
 CVE-2016-0691
 	RESERVED
 CVE-2016-0690
 	RESERVED
 CVE-2016-0689
 	RESERVED
+	NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
 CVE-2016-0688
 	RESERVED
 CVE-2016-0687
@@ -10528,6 +10534,7 @@
 	RESERVED
 CVE-2016-0682
 	RESERVED
+	NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
 CVE-2016-0681
 	RESERVED
 CVE-2016-0680

More information about the Secure-testing-commits mailing list