[Secure-testing-commits] r46190 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Nov 14 18:24:11 UTC 2016 

Author: jmm
Date: 2016-11-14 18:24:10 +0000 (Mon, 14 Nov 2016)
New Revision: 46190

Modified:
   data/CVE/list
Log:
NFUs
joomla ITP


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-14 18:13:47 UTC (rev 46189)
+++ data/CVE/list	2016-11-14 18:24:10 UTC (rev 46190)
@@ -1016,9 +1016,9 @@
 CVE-2016-8871 (In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding ...)
 	- botan1.10 <not-affected> (Only affects 1.11.29 through 1.11.32)
 CVE-2016-8870 (The register method in the UsersModelRegistration class in ...)
-	TODO: check
+	- joomla <itp> (bug #571794)
 CVE-2016-8869 (The register method in the UsersModelRegistration class in ...)
-	TODO: check
+	- joomla <itp> (bug #571794)
 CVE-2016-8868
 	RESERVED
 CVE-2016-8867 (Docker Engine 1.12.2 enabled ambient capabilities with misconfigured ...)
@@ -1370,7 +1370,7 @@
 CVE-2016-1000034
 	RESERVED
 CVE-2016-1000032 (TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a ...)
-	TODO: check
+	NOT-FOR-US: TGCaptcha2
 CVE-2016-8910 (The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka ...)
 	{DLA-698-1 DLA-689-1}
 	- qemu <unfixed> (bug #841955)
@@ -1502,7 +1502,7 @@
 CVE-2016-8672
 	RESERVED
 CVE-2005-4900 (SHA-1 is not collision resistant, which makes it easier for ...)
-	TODO: check
+	NOT-FOR-US: Generic protocol issue
 CVE-2005-4899
 	RESERVED
 CVE-2005-4898
@@ -2132,17 +2132,17 @@
 CVE-2016-8507
 	RESERVED
 CVE-2016-8506 (XSS in Yandex Browser Translator in Yandex browser for desktop for ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8505 (XSS in Yandex Browser BookReader in Yandex browser for desktop for ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8504 (CSRF of synchronization form in Yandex Browser for desktop before ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8503 (Yandex Protect Anti-phishing warning in Yandex Browser for desktop ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8502 (Yandex Protect Anti-phishing warning in Yandex Browser for desktop ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8501 (Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8500
 	RESERVED
 CVE-2016-8499
@@ -2654,11 +2654,11 @@
 CVE-2016-8336
 	RESERVED
 CVE-2016-8335 (An exploitable stack based buffer overflow vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Iceni Argus
 CVE-2016-8334
 	RESERVED
 CVE-2016-8333 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Iceni Argus
 CVE-2016-8332 (A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution ...)
 	- openjpeg2 2.1.2-1
 	NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0193/
@@ -2740,17 +2740,17 @@
 CVE-2016-8297
 	RESERVED
 CVE-2016-8296 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8295 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8294 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8293 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8292 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8291 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8290 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
 	- mysql-5.7 5.7.15-1
 	- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
@@ -4250,13 +4250,13 @@
 	NOTE: https://www.kde.org/info/security/advisory-20161006-1.txt
 CVE-2016-7965 (DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the ...)
 	- dokuwiki <unfixed>
+	[jessie] - dokuwiki <no-dsa> (Minor issue)
 	NOTE: https://github.com/splitbrain/dokuwiki/issues/1709
-	TODO: check
 CVE-2016-7964 (The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php ...)
 	- dokuwiki <unfixed>
+	[jessie] - dokuwiki <no-dsa> (Minor issue)
 	[wheezy] - dokuwiki <no-dsa> (Minor issue)
 	NOTE: https://github.com/splitbrain/dokuwiki/issues/1708
-	TODO: check
 CVE-2016-7963
 	RESERVED
 CVE-2016-7962

More information about the Secure-testing-commits mailing list