[Secure-testing-commits] r50995 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Apr 24 12:32:00 UTC 2017 

Author: jmm
Date: 2017-04-24 12:32:00 +0000 (Mon, 24 Apr 2017)
New Revision: 50995

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-24 12:29:29 UTC (rev 50994)
+++ data/CVE/list	2017-04-24 12:32:00 UTC (rev 50995)
@@ -3,7 +3,7 @@
 CVE-2017-8083
 	RESERVED
 CVE-2017-8082 (concrete5 8.1.0 has CSRF in Thumbnail Editor in the File Manager, which ...)
-	TODO: check
+	NOT-FOR-US: concrete5
 CVE-2017-8081
 	RESERVED
 CVE-2017-8080
@@ -739,7 +739,7 @@
 	NOTE: https://savannah.gnu.org/support/index.php?109265
 	NOTE: Fixed by: https://git.savannah.gnu.org/cgit/osip.git/commit/?id=1ae06daf3b2375c34af23083394a6f010be24a45
 CVE-2017-7852 (D-Link DCS cameras have a weak/insecure CrossDomain.XML file that ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-7851
 	RESERVED
 CVE-2016-10326 (In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a ...)
@@ -44133,7 +44133,7 @@
 CVE-2016-2565 (Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) ...)
 	NOT-FOR-US: Samsung
 CVE-2016-2564 (Invision Power Services (IPS) Community Suite before 4.1.9 makes ...)
-	TODO: check
+	NOT-FOR-US: Invision Power Services
 CVE-2016-2563 (Stack-based buffer overflow in the SCP command-line utility in PuTTY ...)
 	- putty 0.67-1 (bug #816921)
 	[jessie] - putty <no-dsa> (Minor issue)
@@ -54300,9 +54300,9 @@
 CVE-2015-8111
 	RESERVED
 CVE-2015-8110 (Lenovo System Update (formerly ThinkVantage System Update) before ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2015-8109 (Lenovo System Update (formerly ThinkVantage System Update) before ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2015-8108 (The management interface in LenovoEMC EZ Media & Backup (hm3), ...)
 	NOT-FOR-US: LenovoEMC
 CVE-2015-8107 (Format string vulnerability in GNU a2ps 4.14 allows remote attackers ...)
@@ -80150,13 +80150,13 @@
 CVE-2015-0108 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
 	NOT-FOR-US: IBM
 CVE-2015-0107 (IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0106 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
 	NOT-FOR-US: IBM Business Process Manager
 CVE-2015-0105 (Cross-site scripting (XSS) vulnerability in the Process Portal in IBM ...)
 	NOT-FOR-US: IBM Business Process Manager
 CVE-2015-0104 (IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0103 (Multiple cross-site scripting (XSS) vulnerabilities in the Process ...)
 	NOT-FOR-US: IBM Business Process Manager
 CVE-2015-0102

More information about the Secure-testing-commits mailing list