[Secure-testing-commits] r58483 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Dec 12 09:25:32 UTC 2017 

Author: jmm
Date: 2017-12-12 09:25:32 +0000 (Tue, 12 Dec 2017)
New Revision: 58483

Modified:
   data/CVE/list
Log:
nodejs n/a
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-12 09:20:03 UTC (rev 58482)
+++ data/CVE/list	2017-12-12 09:25:32 UTC (rev 58483)
@@ -1676,9 +1676,9 @@
 CVE-2017-17112 (ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool ...)
 	NOT-FOR-US: IKARUS
 CVE-2017-17111 (Posty Readymade Classifieds Script 1.0 allows an attacker to inject ...)
-	TODO: check
+	NOT-FOR-US: Posty Readymade Classifieds Script
 CVE-2017-17110 (Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL ...)
-	TODO: check
+	NOT-FOR-US: Techno Portfolio Management Panel
 CVE-2017-17109
 	RESERVED
 CVE-2017-17108
@@ -5084,7 +5084,7 @@
 CVE-2017-16724
 	RESERVED
 CVE-2017-16723 (A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2017-16722
 	RESERVED
 CVE-2017-16721 (A Cross-site Scripting issue was discovered in Geovap Reliance SCADA ...)
@@ -7383,15 +7383,15 @@
 CVE-2017-15945 (The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, ...)
 	NOT-FOR-US: Gentoo installation scripts
 CVE-2017-15944 (Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks PAN-OS
 CVE-2017-15943 (The configuration file import for applications, spyware and ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks PAN-OS
 CVE-2017-15942 (Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks PAN-OS
 CVE-2017-15941
 	RESERVED
 CVE-2017-15940 (The web interface packet capture management component in Palo Alto ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks PAN-OS
 CVE-2017-15939 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
 	- binutils <not-affected> (Incomplete fix not applied)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22205
@@ -7519,9 +7519,9 @@
 CVE-2017-15898
 	RESERVED
 CVE-2017-15897 (Node.js had a bug in versions 8.X and 9.X which caused buffers to not ...)
-	TODO: check
+	- nodejs <not-affected> (Only affects 8.x and 9.x)
 CVE-2017-15896 (Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards ...)
-	TODO: check
+	- nodejs <not-affected> (HTTP2 module only in 8.x and 9.x and Debian package uses the system copy of OpenSSL)
 CVE-2017-15895 (Directory traversal vulnerability in the SYNO.FileStation.Extract in ...)
 	NOT-FOR-US: Synology Router Manager
 CVE-2017-15894 (Directory traversal vulnerability in the SYNO.FileStation.Extract in ...)

More information about the Secure-testing-commits mailing list