[Secure-testing-commits] r53138 - data/CVE

Mon Jul 3 09:23:45 UTC 2017

Author: carnil
Date: 2017-07-03 09:23:45 +0000 (Mon, 03 Jul 2017)
New Revision: 53138

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-07-03 09:13:38 UTC (rev 53137)
+++ data/CVE/list	2017-07-03 09:23:45 UTC (rev 53138)
@@ -7,11 +7,11 @@
 	- graphicsmagick <unfixed>
 	NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f10b9bb3ca62
 CVE-2017-10798 (In ObjectPlanet Opinio before 7.6.4, there is XSS. ...)
-	TODO: check
+	NOT-FOR-US: ObjectPlanet Opinio
 CVE-2017-10797
 	RESERVED
 CVE-2017-10796 (On TP-Link NC250 devices with firmware through 1.2.1 build 170515, ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2017-10795 (Cross-site scripting (XSS) vulnerability in Subrion CMS 4.1.4 allows ...)
 	TODO: check
 CVE-2017-10794 (When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata ...)
@@ -4954,9 +4954,9 @@
 CVE-2017-8895 (In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before ...)
 	NOT-FOR-US: Veritas
 CVE-2017-8894 (AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software ...)
-	TODO: check
+	NOT-FOR-US: AeroAdmin
 CVE-2017-8893 (AeroAdmin 4.1 uses a function to copy data between two pointers where ...)
-	TODO: check
+	NOT-FOR-US: AeroAdmin
 CVE-2017-8892 (Cross-site scripting (XSS) vulnerability in OpenText Tempo Box 10.0.3 ...)
 	NOT-FOR-US: OpenText Tempo Box
 CVE-2017-8891 (Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a ...)


