[Secure-testing-commits] r53442 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2017-07-13 09:13:26 +0000 (Thu, 13 Jul 2017)
New Revision: 53442

Modified:
   data/CVE/list
Log:
new ruby-rack-cors issue
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-13 09:10:12 UTC (rev 53441)
+++ data/CVE/list	2017-07-13 09:13:26 UTC (rev 53442)
@@ -11,15 +11,15 @@
 CVE-2017-11203
 	RESERVED
 CVE-2017-11202 (FineCMS through 2017-07-12 allows XSS in visitors.php because ...)
-	TODO: check
+	NOT-FOR-US: FineCMS
 CVE-2017-11201 (application/core/controller/images.php in FineCMS through 2017-07-12 ...)
-	TODO: check
+	NOT-FOR-US: FineCMS
 CVE-2017-11200 (SQL Injection exists in FineCMS through 2017-07-12 via the ...)
-	TODO: check
+	NOT-FOR-US: FineCMS
 CVE-2017-11199
 	RESERVED
 CVE-2017-11198 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: FineCMS
 CVE-2017-11197
 	RESERVED
 CVE-2017-XXXX [libsndfile binheader overflow]
@@ -76,9 +76,9 @@
 CVE-2017-11175
 	RESERVED
 CVE-2017-11174 (In install/page_dbsettings.php in the Core distribution of XOOPS ...)
-	TODO: check
+	NOT-FOR-US: XOOPS
 CVE-2017-11173 (Missing anchor in generated regex for rack-cors before 0.4.1 allows a ...)
-	TODO: check
+	- ruby-rack-cors 0.4.1-1
 CVE-2017-11172
 	RESERVED
 CVE-2017-1000096