[Secure-testing-commits] r42507 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jun 13 16:24:21 UTC 2016
Author: jmm
Date: 2016-06-13 16:24:21 +0000 (Mon, 13 Jun 2016)
New Revision: 42507
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-13 15:22:36 UTC (rev 42506)
+++ data/CVE/list 2016-06-13 16:24:21 UTC (rev 42507)
@@ -2586,13 +2586,13 @@
CVE-2016-4528
RESERVED
CVE-2016-4527 (ABB PCM600 before 2.7 improperly stores PCM600 authentication ...)
- TODO: check
+ NOT-FOR-US: ABB PCM600
CVE-2016-4526
RESERVED
CVE-2016-4525
RESERVED
CVE-2016-4524 (ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords ...)
- TODO: check
+ NOT-FOR-US: ABB PCM600
CVE-2016-4523 (The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x ...)
TODO: check
CVE-2016-4522
@@ -2608,7 +2608,7 @@
CVE-2016-4517
RESERVED
CVE-2016-4516 (ABB PCM600 before 2.7 improperly stores the main application password ...)
- TODO: check
+ NOT-FOR-US: ABB PCM600
CVE-2016-4515
RESERVED
CVE-2016-4514
@@ -2618,7 +2618,7 @@
CVE-2016-4512
RESERVED
CVE-2016-4511 (ABB PCM600 before 2.7 uses an improper hash algorithm for the main ...)
- TODO: check
+ NOT-FOR-US: ABB PCM600
CVE-2016-4510 (The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x ...)
TODO: check
CVE-2016-4509
@@ -4433,7 +4433,7 @@
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14015.patch
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_3.txt
CVE-2016-3944 (UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2016-3943 (Panda Endpoint Administration Agent before 7.50.00, as used in Panda ...)
NOT-FOR-US: Panda
CVE-2016-3942
@@ -6478,7 +6478,6 @@
NOT-FOR-US: Katello
CVE-2016-3071 (Libreswan 3.16 might allow remote attackers to cause a denial of ...)
- libreswan <itp> (bug #773459)
- TODO: check other implementations
CVE-2016-3070 [Null pointer dereference in trace_writeback_dirty_page()]
RESERVED
- linux 4.4.2-1
@@ -8389,7 +8388,6 @@
RESERVED
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
- TODO: check
CVE-2016-2518 [Crafted addpeer with hmode > 7 causes out-of-bounds reference]
RESERVED
- ntp 1:4.2.8p7+dfsg-1
@@ -8400,7 +8398,6 @@
- ntp 1:4.2.8p7+dfsg-1
NOTE: CVE-2016-2517 is for a regression caused by the patch for CVE-2016-2516
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
- TODO: check
CVE-2016-2516 [Duplicate IPs on unconfig directives will cause an assertion failure]
RESERVED
- ntp 1:4.2.8p7+dfsg-1
@@ -9095,7 +9092,7 @@
CVE-2016-2311 (Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ...)
NOT-FOR-US: AlertWerks
CVE-2016-2310 (General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 ...)
- TODO: check
+ NOT-FOR-US: GE Multilink devices
CVE-2016-2309 (iRZ RUH2 before 2b does not validate firmware patches, which allows ...)
NOT-FOR-US: iRZ RUH2
CVE-2016-2308
@@ -9405,11 +9402,11 @@
CVE-2015-8801
RESERVED
CVE-2015-8800 (Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-8799 (Directory traversal vulnerability in the Management Server in Symantec ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-8798 (Directory traversal vulnerability in the Management Server in Symantec ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2016-4009 (Integer overflow in the ImagingResampleHorizontal function in ...)
- pillow 3.1.1-1
[jessie] - pillow <not-affected>
More information about the Secure-testing-commits
mailing list