[Secure-testing-commits] r47914 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Jan 11 17:32:17 UTC 2017 

Author: jmm
Date: 2017-01-11 17:32:17 +0000 (Wed, 11 Jan 2017)
New Revision: 47914

Modified:
   data/CVE/list
Log:
mcollective bug
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-11 17:21:05 UTC (rev 47913)
+++ data/CVE/list	2017-01-11 17:32:17 UTC (rev 47914)
@@ -221,7 +221,7 @@
 CVE-2017-5218
 	RESERVED
 CVE-2017-5217 (Installing a zero-permission Android application on certain Samsung ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2017-5216 (Stack-based buffer overflow vulnerability in Netop Remote Control ...)
 	TODO: check
 CVE-2017-5215
@@ -266,9 +266,9 @@
 	- libgit2 <unfixed>
 	NOTE: https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834
 CVE-2016-10126 (Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before ...)
-	TODO: check
+	NOT-FOR-US: Splunk
 CVE-2016-10125 (D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2016-10127 [XML external entity attack]
 	- python-pysaml2 3.0.0-5 (bug #850716)
 	NOTE: https://github.com/rohe/pysaml2/pull/379
@@ -374,7 +374,7 @@
 	NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
 	NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
 CVE-2017-5179 (Cross-site scripting (XSS) vulnerability in Tenable Nessus before ...)
-	TODO: check
+	NOT-FOR-US: Nessus
 CVE-2017-5178
 	RESERVED
 CVE-2017-5177
@@ -3148,7 +3148,7 @@
 CVE-2016-10042
 	RESERVED
 CVE-2016-10041 (An issue was discovered in Sprecher Automation SPRECON-E Service ...)
-	TODO: check
+	NOT-FOR-US: Sprecher Automation SPRECON-E Service
 CVE-2016-10040
 	RESERVED
 	- qt4-x11 <unfixed>
@@ -5938,7 +5938,7 @@
 CVE-2016-9758
 	RESERVED
 CVE-2016-9757 (In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user ...)
-	TODO: check
+	NOT-FOR-US: Rapid7 Nexpose
 CVE-2016-9846 (QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator ...)
 	- qemu 1:2.8+dfsg-1 (bug #847382)
 	[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -34329,9 +34329,8 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/02/8
 CVE-2016-2788
 	RESERVED
-	- mcollective <undetermined>
+	- mcollective <unfixed> (bug #850968)
 	NOTE: https://puppet.com/security/cve/cve-2016-2788
-	TODO: check
 CVE-2016-2787
 	RESERVED
 CVE-2016-2786 (The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 ...)

More information about the Secure-testing-commits mailing list