[Secure-testing-commits] r47654 - in data: . CVE

Sun Jan 1 22:58:51 UTC 2017

Author: jmm
Date: 2017-01-01 22:58:51 +0000 (Sun, 01 Jan 2017)
New Revision: 47654

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
shutter spu
NFUs


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-01-01 21:12:12 UTC (rev 47653)
+++ data/CVE/list	2017-01-01 22:58:51 UTC (rev 47654)
@@ -2295,11 +2295,11 @@
 	NOTE: CVE assignment specific to http://www.openwall.com/lists/oss-security/2016/12/24/2
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/24/1
 CVE-2016-10039 (Directory traversal in /connectors/index.php in MODX Revolution before ...)
-	TODO: check
+	NOT-FOR-US: MODX Revolution
 CVE-2016-10038 (Directory traversal in /connectors/index.php in MODX Revolution before ...)
-	TODO: check
+	NOT-FOR-US: MODX Revolution
 CVE-2016-10037 (Directory traversal in /connectors/index.php in MODX Revolution before ...)
-	TODO: check
+	NOT-FOR-US: MODX Revolution
 CVE-2016-10036
 	RESERVED
 CVE-2016-10035
@@ -2827,7 +2827,6 @@
 	NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4
 	NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.c.diff?r1=1.165&r2=1.166
 	NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.h.diff?r1=1.19&r2=1.20
-	TODO: check affected versions
 CVE-2016-10011 [sshd(8): theoretical leak of host private key material to privilege-separated child processes via realloc()]
 	RESERVED
 	- openssh 1:7.4p1-1 (low; bug #848716)
@@ -4193,7 +4192,7 @@
 CVE-2016-9890
 	RESERVED
 CVE-2016-9889 (Some forms with the parameter geo_zoomlevel_to_found_location in Tiki ...)
-	TODO: check
+	NOT-FOR-US: Tiki Wiki
 CVE-2016-9888 (An error within the "tar_directory_for_file()" function ...)
 	{DLA-740-1}
 	- libgsf 1.14.41-1
@@ -4991,21 +4990,21 @@
 CVE-2016-9838 (An issue was discovered in components/com_users/models/registration.php ...)
 	NOT-FOR-US: Joomla
 CVE-2016-9837 (An issue was discovered in ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2016-9836 (The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! ...)
 	NOT-FOR-US: Joomla
 CVE-2016-9835 (Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x ...)
-	TODO: check
+	NOT-FOR-US: Zikula
 CVE-2016-9834
 	RESERVED
 CVE-2016-9833
 	RESERVED
 CVE-2016-9832 (PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows ...)
-	TODO: check
+	NOT-FOR-US: ACE-ABAP
 CVE-2016-9805
 	RESERVED
 CVE-2016-9796 (Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs ...)
-	TODO: check
+	NOT-FOR-US: Alcatel-Lucent OmniVista
 CVE-2016-9795
 	RESERVED
 CVE-2016-9792

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2017-01-01 21:12:12 UTC (rev 47653)
+++ data/next-point-update.txt	2017-01-01 22:58:51 UTC (rev 47654)
@@ -170,3 +170,5 @@
 	[jessie] - postgresql-common 165+deb8u2
 CVE-2016-10091
 	[jessie] - unrtf 0.21.5-3+deb8u1
+CVE-2015-0854
+	[jessie] - shutter 0.92-0.1+deb8u1


