[Secure-testing-commits] r53158 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jul 4 04:28:19 UTC 2017 

Author: carnil
Date: 2017-07-04 04:28:19 +0000 (Tue, 04 Jul 2017)
New Revision: 53158

Modified:
   data/CVE/list
Log:
Process several NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-03 21:10:17 UTC (rev 53157)
+++ data/CVE/list	2017-07-04 04:28:19 UTC (rev 53158)
@@ -3913,7 +3913,7 @@
 CVE-2017-9249 (Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows ...)
 	NOT-FOR-US: Allen Disk
 CVE-2017-9248 (Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 ...)
-	TODO: check
+	NOT-FOR-US: Progress Telerik UI for ASP.NET AJAX
 CVE-2017-9247
 	RESERVED
 CVE-2017-9246 (New Relic .NET Agent before 6.3.123.0 adds SQL injection flaws to safe ...)
@@ -6946,7 +6946,7 @@
 CVE-2017-8117
 	RESERVED
 CVE-2017-8116 (The management interface for the Teltonika RUT9XX routers (aka LuCI) ...)
-	TODO: check
+	NOT-FOR-US: Teltonika RUT9XX routers
 CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the search ...)
 	NOT-FOR-US: MODX
 CVE-2017-8114 (Roundcube Webmail allows arbitrary password resets by authenticated ...)
@@ -7509,7 +7509,7 @@
 CVE-2017-7920
 	RESERVED
 CVE-2017-7919 (An Improper Authentication issue was discovered in Newport XPS-Cx and ...)
-	TODO: check
+	NOT-FOR-US: Newport
 CVE-2017-7918 (An Improper Access Control issue was discovered in Cambium Networks ...)
 	NOT-FOR-US: Cambium Networks ePMP
 CVE-2017-7917 (A Cross-Site Request Forgery issue was discovered in Moxa OnCell ...)
@@ -40516,7 +40516,7 @@
 CVE-2016-6202
 	RESERVED
 CVE-2016-6201 (Cross-site scripting (XSS) vulnerability in Ektron Content Management ...)
-	TODO: check
+	NOT-FOR-US: Ektron Content Management System
 CVE-2016-6200
 	RESERVED
 CVE-2016-6199 (ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to ...)
@@ -44795,7 +44795,7 @@
 CVE-2016-5046
 	RESERVED
 CVE-2016-5045 (NetApp OnCommand System Manager before 9.0 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: NetApp OnCommand System Manager
 CVE-2016-5025 (For the NVIDIA Quadro, NVS, and GeForce products, improper ...)
 	NOT-FOR-US: NVIDIA Quadro, NVS, and GeForce product
 CVE-2016-5024 (Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and ...)
@@ -47913,9 +47913,9 @@
 CVE-2016-3999 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
 	NOT-FOR-US: Zimbra
 CVE-2016-3998 (NetApp AltaVault 4.1 and earlier allows man-in-the-middle attackers to ...)
-	TODO: check
+	NOT-FOR-US: NetApp AltaVault
 CVE-2016-3997 (NetApp Clustered Data ONTAP allows man-in-the-middle attackers to ...)
-	TODO: check
+	NOT-FOR-US: NetApp Clustered Data ONTAP
 CVE-2016-XXXX [auth bypass]
 	- brltty <not-affected> (Vulnerable code introduced later)
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=967436
@@ -49645,7 +49645,7 @@
 CVE-2016-3401 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
 	NOT-FOR-US: Zimbra
 CVE-2016-3400 (NetApp Data ONTAP, when operating in 7-Mode 8.1 and 8.2, allows ...)
-	TODO: check
+	NOT-FOR-US: NetApp Data ONTAP
 CVE-2016-3399
 	RESERVED
 CVE-2016-3398

More information about the Secure-testing-commits mailing list