[Secure-testing-commits] r47330 - data/CVE

Petter Reinholdtsen pere at moszumanska.debian.org
Thu Dec 22 08:40:16 UTC 2016 

Author: pere
Date: 2016-12-22 08:40:16 +0000 (Thu, 22 Dec 2016)
New Revision: 47330

Modified:
   data/CVE/list
Log:
Add package references based on CPE cross-referencing with NVD.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-22 08:04:52 UTC (rev 47329)
+++ data/CVE/list	2016-12-22 08:40:16 UTC (rev 47330)
@@ -9053,6 +9053,7 @@
 	NOTE: versions, but there  seem to be still back then an unchecked dereference
 	NOTE: of val_ptr.
 CVE-2016-9479 (The "lost password" functionality in b2evolution before 6.7.9 allows ...)
+	- b2evolution <removed>
 	TODO: check
 CVE-2016-9478
 	RESERVED
@@ -25263,6 +25264,7 @@
 CVE-2016-4803 (CRLF injection vulnerability in the send email functionality in dotCMS ...)
 	NOT-FOR-US: dotCMS
 CVE-2016-4802 (Multiple untrusted search path vulnerabilities in cURL and libcurl ...)
+	- curl <unfixed>
 	TODO: check
 CVE-2016-4801
 	RESERVED
@@ -29824,6 +29826,7 @@
 CVE-2016-3175
 	RESERVED
 CVE-2016-3174 (An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. ...)
+	- open-xchange <itp> (bug #269329)
 	TODO: check
 CVE-2016-3173 (An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. ...)
 	TODO: check
@@ -49539,6 +49542,7 @@
 CVE-2015-5376
 	RESERVED
 CVE-2015-5375 (Cross-site scripting (XSS) vulnerability in unspecified dialogs for ...)
+	- open-xchange <itp> (bug #269329)
 	TODO: check
 CVE-2015-5374 (The EN100 module with firmware before 4.25 for Siemens SIPROTEC 4 and ...)
 	NOT-FOR-US: Siemens
@@ -63167,7 +63171,7 @@
 CVE-2014-9600 (Untrusted search path vulnerability in Macroplant iExplorer 3.6.3.0 ...)
 	NOT-FOR-US: Macroplant iExplorer
 CVE-2014-9599 (Cross-site scripting (XSS) vulnerability in the filemanager in ...)
-	NOT-FOR-US: b2evolution
+	- b2evolution <removed>
 CVE-2014-9598 (The picture_Release function in misc/picture.c in VideoLAN VLC media ...)
 	NOTE: https://trac.videolan.org/vlc/ticket/13390
 	NOTE: http://seclists.org/fulldisclosure/2015/Jan/72

More information about the Secure-testing-commits mailing list