[Secure-testing-commits] r53141 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Jul 3 10:37:00 UTC 2017 

Author: jmm
Date: 2017-07-03 10:37:00 +0000 (Mon, 03 Jul 2017)
New Revision: 53141

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-03 10:06:56 UTC (rev 53140)
+++ data/CVE/list	2017-07-03 10:37:00 UTC (rev 53141)
@@ -13,7 +13,7 @@
 CVE-2017-10796 (On TP-Link NC250 devices with firmware through 1.2.1 build 170515, ...)
 	NOT-FOR-US: TP-Link
 CVE-2017-10795 (Cross-site scripting (XSS) vulnerability in Subrion CMS 4.1.4 allows ...)
-	TODO: check
+	NOT-FOR-US: Subrion CMS
 CVE-2017-10794 (When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata ...)
 	- graphicsmagick <unfixed>
 	NOTE: https://sourceforge.net/p/graphicsmagick/code/ci/a20bee0a0ad216aa11a2be3de63b60ca6bef4106/
@@ -204,7 +204,7 @@
 CVE-2017-10707
 	RESERVED
 CVE-2017-10706 (When Antiy Antivirus Engine before 5.0.0.05171547 scans a special ZIP ...)
-	TODO: check
+	NOT-FOR-US: When Antiy Antivirus Engine
 CVE-2017-10705
 	RESERVED
 CVE-2017-10704
@@ -302,11 +302,11 @@
 CVE-2017-10671 (Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in ...)
 	- thttpd <removed>
 CVE-2017-10670 (An XML External Entity (XXE) issue exists in OSCI-Transport 1.2 as used ...)
-	TODO: check
+	NOT-FOR-US: OSCI-Transport
 CVE-2017-10669 (Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI ...)
-	TODO: check
+	NOT-FOR-US: OSCI-Transport
 CVE-2017-10668 (A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport ...)
-	TODO: check
+	NOT-FOR-US: OSCI-Transport
 CVE-2017-10667 (In index.php in Zen Cart 1.6.0, the products_id parameter can cause ...)
 	NOT-FOR-US: Zen Cart
 CVE-2017-10666
@@ -864,7 +864,7 @@
 	NOTE: https://sourceforge.net/p/libmtp/mailman/message/35735992/
 	NOTE: https://sourceforge.net/p/libmtp/code/ci/aa7d91a789873a9d86969028e57f888a1241c085/
 CVE-2017-9830 (Remote Code Execution is possible in Code42 CrashPlan 5.4.x via the ...)
-	TODO: check
+	NOT-FOR-US: Code42
 CVE-2017-9829 ('/cgi-bin/admin/downloadMedias.cgi' of the web service in most of the ...)
 	NOT-FOR-US: VIVOTEK Network Cameras
 CVE-2017-9828 ('/cgi-bin/admin/testserver.cgi' of the web service in most of the ...)
@@ -6004,7 +6004,7 @@
 CVE-2017-8444
 	RESERVED
 CVE-2017-8443 (In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user ...)
-	TODO: check
+	NOT-FOR-US: Kibana X-Pack Security
 CVE-2017-8442
 	RESERVED
 CVE-2017-8441 (Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not ...)

More information about the Secure-testing-commits mailing list