[Secure-testing-commits] r54906 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Aug 20 11:30:01 UTC 2017 

Author: carnil
Date: 2017-08-20 11:30:00 +0000 (Sun, 20 Aug 2017)
New Revision: 54906

Modified:
   data/CVE/list
Log:
Process several NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-20 09:53:40 UTC (rev 54905)
+++ data/CVE/list	2017-08-20 11:30:00 UTC (rev 54906)
@@ -4734,7 +4734,7 @@
 CVE-2017-11324 (An issue was discovered in Tilde CMS 1.0.1. Due to missing escaping of ...)
 	NOT-FOR-US: Tilde CMS
 CVE-2017-11323 (Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows ...)
-	TODO: check
+	NOT-FOR-US: ESTsoft ALZip
 CVE-2017-11322
 	RESERVED
 CVE-2017-11321
@@ -12710,9 +12710,9 @@
 CVE-2017-8447
 	RESERVED
 CVE-2017-8446 (The Reporting feature in X-Pack in versions prior to 5.5.2 and ...)
-	TODO: check
+	NOT-FOR-US: X-Pack plugin for Kibana
 CVE-2017-8445 (An error was found in the X-Pack Security TLS trust manager for ...)
-	TODO: check
+	NOT-FOR-US: X-PackSecurity TLS trust manager plugin for Elasticsearch
 CVE-2017-8444
 	RESERVED
 CVE-2017-8443 (In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user ...)
@@ -79559,7 +79559,7 @@
 CVE-2015-4465 (Cross-site scripting (XSS) vulnerability in the zM Ajax Login & ...)
 	NOT-FOR-US: WordPress plugin zM Ajax Login & Register
 CVE-2015-4464 (Kguard Digital Video Recorder 104, 108, v2 does not have any ...)
-	TODO: check
+	NOT-FOR-US: Kguard Digital Video Recorder
 CVE-2015-4463 (The file_manager component in eFront CMS before 3.6.15.5 allows remote ...)
 	NOT-FOR-US: eFront CMS
 CVE-2015-4462 (Absolute path traversal vulnerability in the file_manager component of ...)
@@ -81692,7 +81692,7 @@
 CVE-2015-3650 (vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 ...)
 	NOT-FOR-US: VMware
 CVE-2015-3649 (The open-uri-cached rubygem allows local users to execute arbitrary ...)
-	TODO: check
+	NOT-FOR-US: open-uri-cached rubygem
 CVE-2015-3648 (Directory traversal vulnerability in pages/setup.php in Montala ...)
 	NOT-FOR-US: ResourceSpace
 CVE-2015-3647 (Multiple cross-site scripting (XSS) vulnerabilities in ...)

More information about the Secure-testing-commits mailing list