[Secure-testing-commits] r50457 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Apr 8 06:11:19 UTC 2017 

Author: carnil
Date: 2017-04-08 06:11:19 +0000 (Sat, 08 Apr 2017)
New Revision: 50457

Modified:
   data/CVE/list
Log:
Process several NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-08 06:04:51 UTC (rev 50456)
+++ data/CVE/list	2017-04-08 06:11:19 UTC (rev 50457)
@@ -11,17 +11,17 @@
 	NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
 	NOTE: https://sources.debian.net/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
 CVE-2017-7584 (Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows ...)
-	TODO: check
+	NOT-FOR-US: Foxit PDF Toolkit
 CVE-2017-7583 (ILIAS before 5.2.3 has XSS via SVG documents. ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2017-7582
 	RESERVED
 CVE-2017-7581 (SQL injection vulnerability in NewsController.php in the News module ...)
-	TODO: check
+	NOT-FOR-US: News module for TYPO3
 CVE-2017-7580
 	RESERVED
 CVE-2017-7579 (inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field. ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2007-6760
 	RESERVED
 CVE-2007-6759
@@ -2572,25 +2572,25 @@
 CVE-2017-6607
 	RESERVED
 CVE-2017-6606 (A vulnerability in a startup script of Cisco IOS XE Software could ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6605
 	RESERVED
 CVE-2017-6604 (A vulnerability in the web interface of Cisco Integrated Management ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6603 (A vulnerability in Cisco ASR 903 or ASR 920 Series Devices running with ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6602 (A vulnerability in the CLI of Cisco Unified Computing System (UCS) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6601 (A vulnerability in the CLI of the Cisco Unified Computing System (UCS) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6600 (A vulnerability in the CLI of the Cisco Unified Computing System (UCS) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6599 (A vulnerability in Google-defined remote procedure call (gRPC) handling ...)
 	TODO: check
 CVE-2017-6598 (A vulnerability in the debug plug-in functionality of the Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6597 (A vulnerability in the local-mgmt CLI command of the Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6596 (partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer ...)
 	[experimental] - partclone 0.2.90-1
 	- partclone 0.2.89-3 (bug #857966)
@@ -10267,17 +10267,17 @@
 CVE-2017-3890 (A reflected cross-site scripting vulnerability in the BlackBerry ...)
 	NOT-FOR-US: BlackBerry
 CVE-2017-3889 (A vulnerability in the web interface of the Cisco Registered Envelope ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3888 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3887 (A vulnerability in the detection engine that handles Secure Sockets ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3886 (A vulnerability in the Cisco Unified Communications Manager web ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3885 (A vulnerability in the detection engine reassembly of Secure Sockets ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3884 (A vulnerability in the web interface of Cisco Prime Infrastructure and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3883
 	RESERVED
 CVE-2017-3882
@@ -10349,7 +10349,7 @@
 CVE-2017-3849 (A vulnerability in the Autonomic Networking Infrastructure (ANI) ...)
 	NOT-FOR-US: Cisco
 CVE-2017-3848 (A vulnerability in the HTTP web-based management interface of Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3847 (A vulnerability in the web framework of Cisco Firepower Management ...)
 	NOT-FOR-US: Cisco
 CVE-2017-3846 (A vulnerability in the Client Manager Server of Cisco Workload ...)
@@ -10411,7 +10411,7 @@
 CVE-2017-3818 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) ...)
 	NOT-FOR-US: Cisco Email Security Appliances
 CVE-2017-3817 (A vulnerability in the role-based resource checking functionality of ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3816
 	RESERVED
 CVE-2017-3815 (An API Privilege vulnerability in Cisco TelePresence Server Software ...)
@@ -14608,7 +14608,7 @@
 CVE-2017-2388 (An issue was discovered in certain Apple products. macOS before ...)
 	NOT-FOR-US: Apple
 CVE-2017-2387 (The Apple Music (aka com.apple.android.music) application before 2.0 ...)
-	TODO: check
+	NOT-FOR-US: Apple Music application for Android
 CVE-2017-2386 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
 	- webkit2gtk <unfixed> (unimportant)
 	NOTE: Not covered by security support
@@ -20998,11 +20998,11 @@
 CVE-2016-9198 (A vulnerability in the Active Directory integration component of Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2016-9197 (A vulnerability in the CLI command parser of the Cisco Mobility Express ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2016-9196 (A vulnerability in login authentication management in Cisco Aironet ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2016-9195 (A vulnerability in RADIUS Change of Authorization (CoA) request ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2016-9194 (A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action ...)
 	NOT-FOR-US: Cisco
 CVE-2016-9193 (A vulnerability in the malicious file detection and blocking features ...)

More information about the Secure-testing-commits mailing list