[Secure-testing-commits] r53598 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jul 18 05:11:10 UTC 2017 

Author: carnil
Date: 2017-07-18 05:11:10 +0000 (Tue, 18 Jul 2017)
New Revision: 53598

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-18 04:41:35 UTC (rev 53597)
+++ data/CVE/list	2017-07-18 05:11:10 UTC (rev 53598)
@@ -80,7 +80,7 @@
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73473
 	NOTE: Fixed in 7.1.7, 7.0.21
 CVE-2017-11361 (Inteno routers have a JUCI ACL misconfiguration that allows the "user" ...)
-	TODO: check
+	NOT-FOR-US: Inteno routers
 CVE-2017-11360 (The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a ...)
 	- imagemagick 8:6.9.7.4+dfsg-12 (bug #867808)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/518
@@ -860,9 +860,9 @@
 CVE-2017-11129
 	RESERVED
 CVE-2017-11128 (Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by ...)
-	TODO: check
+	NOT-FOR-US: Bolt CMS
 CVE-2017-11127 (Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a ...)
-	TODO: check
+	NOT-FOR-US: Bolt CMS
 CVE-2017-11126 (The III_i_stereo function in libmpg123/layer3.c in mpg123 through ...)
 	- mpg123 <unfixed> (unimportant)
 	NOTE: no security impact
@@ -4454,7 +4454,7 @@
 CVE-2017-9640
 	RESERVED
 CVE-2017-9639 (An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric V-Server
 CVE-2017-9638
 	RESERVED
 CVE-2017-9637
@@ -9043,7 +9043,7 @@
 CVE-2017-8012
 	RESERVED
 CVE-2017-8011 (EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2017-8010
 	RESERVED
 CVE-2017-8009
@@ -9053,11 +9053,11 @@
 CVE-2017-8007
 	RESERVED
 CVE-2017-8006 (In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2017-8005 (The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2017-8004 (The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2017-8003 (EMC Data Protection Advisor prior to 6.4 contains a path traversal ...)
 	NOT-FOR-US: EMC Data Protection Advisor
 CVE-2017-8002 (EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL ...)
@@ -9065,7 +9065,7 @@
 CVE-2017-8001
 	RESERVED
 CVE-2017-8000 (In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2017-7999 (Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows remote ...)
 	NOT-FOR-US: Atlassian Eucalyptus
 CVE-2017-7998
@@ -21798,7 +21798,7 @@
 CVE-2017-3755
 	RESERVED
 CVE-2017-3754 (Some Lenovo brand notebook systems do not have write protections ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3753
 	RESERVED
 CVE-2017-3752
@@ -21822,7 +21822,7 @@
 CVE-2017-3743 (If multiple users are concurrently logged into a single system where ...)
 	NOT-FOR-US: Lenovo
 CVE-2017-3742 (In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3741 (In the Lenovo Power Management driver before 1.67.12.24, a local user ...)
 	NOT-FOR-US: Lenovo
 CVE-2017-3740 (In Lenovo Active Protection System before 1.82.0.14, an attacker with ...)

More information about the Secure-testing-commits mailing list