[Secure-testing-commits] r51053 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Apr 26 05:53:51 UTC 2017


Author: carnil
Date: 2017-04-26 05:53:51 +0000 (Wed, 26 Apr 2017)
New Revision: 51053

Modified:
   data/CVE/list
Log:
Process some CVEs as NFUs in Joomla

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-26 05:52:16 UTC (rev 51052)
+++ data/CVE/list	2017-04-26 05:53:51 UTC (rev 51053)
@@ -395,7 +395,7 @@
 CVE-2017-8058
 	RESERVED
 CVE-2017-8057 (In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2017-8056 (WatchGuard Fireware v11.12.1 and earlier mishandles requests referring ...)
 	NOT-FOR-US: WatchGuard
 CVE-2017-8055 (WatchGuard Fireware allows user enumeration, e.g., in the Firebox ...)
@@ -539,19 +539,19 @@
 CVE-2017-7990 (The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with ...)
 	NOT-FOR-US: OpenMRS
 CVE-2017-7989 (In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2017-7988 (In Joomla! 1.6.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2017-7987 (In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate escaping of ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2017-7986 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2017-7985 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2017-7984 (In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2017-7983 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using the ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2017-7982 (Integer overflow in the plist_from_bin function in bplist.c in ...)
 	- libplist <unfixed> (bug #860945)
 	[jessie] - libplist <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list