[Secure-testing-commits] r50586 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Apr 11 21:23:26 UTC 2017 

Author: jmm
Date: 2017-04-11 21:23:26 +0000 (Tue, 11 Apr 2017)
New Revision: 50586

Modified:
   data/CVE/list
Log:
NFUs
one chromium n/a


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-11 21:10:14 UTC (rev 50585)
+++ data/CVE/list	2017-04-11 21:23:26 UTC (rev 50586)
@@ -79,11 +79,11 @@
 CVE-2017-7649
 	RESERVED
 CVE-2017-7648 (Foscam networked devices use the same hardcoded SSL private key across ...)
-	TODO: check
+	NOT-FOR-US: Foscam
 CVE-2017-7647 (SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an ...)
-	TODO: check
+	NOT-FOR-US:  SolarWinds
 CVE-2017-7646 (SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an ...)
-	TODO: check
+	NOT-FOR-US:  SolarWinds
 CVE-2017-7645
 	RESERVED
 CVE-2017-7644
@@ -133,7 +133,7 @@
 CVE-2017-7622 (dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 ...)
 	NOT-FOR-US: dde-daemon
 CVE-2017-7621 (Cross Site Scripting Vulnerability in core-eMLi in AuroMeera ...)
-	TODO: check
+	NOT-FOR-US: core-eMLi
 CVE-2017-7620
 	RESERVED
 CVE-2017-7618 (crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to ...)
@@ -550,9 +550,9 @@
 	RESERVED
 	NOT-FOR-US: Red Hat business central
 CVE-2017-7462 (Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a ...)
-	TODO: check
+	NOT-FOR-US: Intellinet NFC-30ir IP Camera
 CVE-2017-7461 (Directory traversal vulnerability in the web-based management site on ...)
-	TODO: check
+	NOT-FOR-US: Intellinet NFC-30ir IP Camera
 CVE-2017-7460
 	RESERVED
 CVE-2017-7459
@@ -1387,7 +1387,7 @@
 CVE-2016-10260
 	RESERVED
 CVE-2016-10259 (Blue Coat SSL Visibility (SSLV) 3.x before 3.11.3.1 is susceptible to ...)
-	TODO: check
+	NOT-FOR-US: Blue Coat
 CVE-2016-10258
 	RESERVED
 CVE-2016-10257
@@ -5169,7 +5169,7 @@
 CVE-2017-5874 (CSRF exists on D-Link DIR-600M Rev. Cx devices before ...)
 	NOT-FOR-US: D-Link
 CVE-2017-5873 (Unquoted Windows search path vulnerability in the guest service in ...)
-	TODO: check
+	NOT-FOR-US: Unisys
 CVE-2017-5872 (The TCP/IP networking module in Unisys ClearPath MCP systems with ...)
 	NOT-FOR-US: Unisys ClearPath
 CVE-2017-5871
@@ -5743,7 +5743,7 @@
 CVE-2017-5673 (In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum ...)
 	NOT-FOR-US: Joomla extension
 CVE-2017-5672 (Kony Enterprise Mobile Management (EMM) before 4.2.5.2 has the ...)
-	TODO: check
+	NOT-FOR-US: Kony Enterprise Mobile Management
 CVE-2017-5671 (Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 ...)
 	NOT-FOR-US: Honeywell
 CVE-2017-5670 (Riverbed RiOS through 9.6.0 deletes the secure vault with the rm ...)
@@ -24298,11 +24298,11 @@
 CVE-2016-8238
 	RESERVED
 CVE-2016-8237 (Remote code execution in Lenovo Updates (not Lenovo System Update) ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2016-8236 (Reset to default settings may occur in Lenovo ThinkServer TSM RD350, ...)
 	NOT-FOR-US: Lenovo
 CVE-2016-8235 (Privilege escalation in Lenovo Customer Care Software Development Kit ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2016-8234
 	RESERVED
 CVE-2016-8233 (Log files generated by Lenovo XClarity Administrator (LXCA) versions ...)
@@ -26753,7 +26753,7 @@
 CVE-2016-7468 (An unauthenticated remote attacker may be able to disrupt services on ...)
 	NOT-FOR-US: F5
 CVE-2016-7467 (The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2016-7465
 	RESERVED
 CVE-2016-7464
@@ -37306,7 +37306,7 @@
 CVE-2016-4469 (Multiple cross-site request forgery (CSRF) vulnerabilities in Apache ...)
 	NOT-FOR-US: Apache Archiva
 CVE-2016-4468 (SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; ...)
-	TODO: check
+	NOT-FOR-US: Pivotal Cloud Foundry
 CVE-2016-4467 [Failure to verify that the server host name matches the certificate host name on Windows]
 	RESERVED
 	- qpid-proton <not-affected> (Windows-specific)
@@ -53507,7 +53507,7 @@
 CVE-2015-7894
 	RESERVED
 CVE-2015-7893 (SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2015-7892
 	RESERVED
 CVE-2015-7891
@@ -103889,7 +103889,7 @@
 CVE-2013-6648
 	RESERVED
 CVE-2013-6647 (A use-after-free in AnimationController::endAnimationUpdate in Google ...)
-	TODO: check
+	- chromium-browser <not-affected> (According to upstream bug only affected interim version, not a stable release)
 CVE-2013-6646 (Use-after-free vulnerability in the Web Workers implementation in ...)
 	{DSA-2862-1}
 	- chromium-browser 32.0.1700.123-1

More information about the Secure-testing-commits mailing list