[Secure-testing-commits] r51062 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Apr 26 09:53:06 UTC 2017 

Author: jmm
Date: 2017-04-26 09:53:06 +0000 (Wed, 26 Apr 2017)
New Revision: 51062

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-26 09:13:07 UTC (rev 51061)
+++ data/CVE/list	2017-04-26 09:53:06 UTC (rev 51062)
@@ -336,7 +336,7 @@
 CVE-2017-8116
 	RESERVED
 CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the search ...)
-	TODO: check
+	NOT-FOR-US: MODX
 CVE-2017-8114
 	RESERVED
 CVE-2017-8113
@@ -350,7 +350,7 @@
 CVE-2017-8111
 	RESERVED
 CVE-2017-8110 (www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 ...)
-	TODO: check
+	NOT-FOR-US: modified eCommerce Shopsoftware
 CVE-2017-8109 (The salt-ssh minion code in SaltStack Salt before 2016.11.4 copied over ...)
 	- salt <unfixed> (bug #861219)
 	NOTE: https://github.com/saltstack/salt/issues/40075
@@ -2661,7 +2661,7 @@
 CVE-2017-7295
 	RESERVED
 CVE-2017-7293 (The Dolby DAX2 and DAX3 API services are vulnerable to a privilege ...)
-	TODO: check
+	NOT-FOR-US: Dolby
 CVE-2017-7294 (The vmw_surface_define_ioctl function in ...)
 	- linux 4.9.18-1
 	[jessie] - linux <no-dsa> (Will be fixed in point release)
@@ -3101,7 +3101,7 @@
 	- mantis <removed>
 	[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
 CVE-2017-7221 (OpenText Documentum Content Server has an inadequate protection ...)
-	TODO: check
+	NOT-FOR-US: OpenText Documentum Content Server
 CVE-2017-7220 (OpenText Documentum Content Server allows superuser access via ...)
 	NOT-FOR-US: OpenText Documentum Content Server
 CVE-2017-7219 (A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 ...)
@@ -7559,7 +7559,7 @@
 CVE-2017-5626 (OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden ...)
 	NOT-FOR-US: OxygenOS
 CVE-2017-5625 (In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized ...)
-	TODO: check
+	NOT-FOR-US: OxygenOS
 CVE-2017-5624 (An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. ...)
 	NOT-FOR-US: OxygenOS
 CVE-2017-5623 (An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T ...)
@@ -13944,7 +13944,7 @@
 CVE-2017-3435 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
 	NOT-FOR-US: Oracle
 CVE-2017-3434 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2017-3433 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
 	NOT-FOR-US: Oracle
 CVE-2017-3432 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
@@ -14100,9 +14100,9 @@
 CVE-2017-3357 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
 	NOT-FOR-US: Oracle
 CVE-2017-3356 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2017-3355 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2017-3354 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
 	NOT-FOR-US: Oracle
 CVE-2017-3353 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
@@ -14118,17 +14118,17 @@
 CVE-2017-3348 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
 	NOT-FOR-US: Oracle
 CVE-2017-3347 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2017-3346 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
 	NOT-FOR-US: Oracle
 CVE-2017-3345 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2017-3344 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
 	NOT-FOR-US: Oracle
 CVE-2017-3343 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
 	NOT-FOR-US: Oracle
 CVE-2017-3342 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2017-3341 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
 	NOT-FOR-US: Oracle
 CVE-2017-3340 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
@@ -19089,7 +19089,7 @@
 CVE-2017-1275
 	RESERVED
 CVE-2017-1274 (IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1273
 	RESERVED
 CVE-2017-1272
@@ -19340,7 +19340,7 @@
 CVE-2017-1150 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) ...)
 	NOT-FOR-US: IBM
 CVE-2017-1149 (IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1148
 	RESERVED
 CVE-2017-1147
@@ -27258,7 +27258,7 @@
 CVE-2016-8031 (Software Integrity Attacks vulnerability in Intel Security Anti-Virus ...)
 	NOT-FOR-US: Intel antivirus
 CVE-2016-8030 (A memory corruption vulnerability in Scriptscan COM Object in McAfee ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2016-8029
 	RESERVED
 CVE-2016-8028

More information about the Secure-testing-commits mailing list