[Secure-testing-commits] r53633 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2017-07-18 21:46:58 +0000 (Tue, 18 Jul 2017)
New Revision: 53633

Modified:
   data/CVE/list
Log:
new moodle issue
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-18 21:44:10 UTC (rev 53632)
+++ data/CVE/list	2017-07-18 21:46:58 UTC (rev 53633)
@@ -14542,7 +14542,7 @@
 CVE-2017-6321
 	RESERVED
 CVE-2017-6320 (A remote command injection vulnerability exists in the Barracuda Load ...)
-	TODO: check
+	NOT-FOR-US: Barracuda
 CVE-2017-6319 (The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 ...)
 	- radare2 1.1.0+dfsg-3 (bug #856579)
 	[jessie] - radare2 <not-affected> (Vulnerable code introduced in 1.1.0)
@@ -18232,9 +18232,9 @@
 CVE-2017-5248
 	RESERVED
 CVE-2017-5247 (Biscom Secure File Transfer is vulnerable to cross-site scripting in ...)
-	TODO: check
+	NOT-FOR-US: Biscom Secure File Transfer
 CVE-2017-5246 (Biscom Secure File Transfer is vulnerable to AngularJS expression ...)
-	TODO: check
+	NOT-FOR-US: Biscom Secure File Transfer
 CVE-2017-5245
 	REJECTED
 CVE-2017-5244 (Routes used to stop running Metasploit tasks (either particular ones ...)
@@ -25387,7 +25387,8 @@
 	NOTE: https://tracker.moodle.org/browse/MDL-56526
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-56526
 CVE-2017-2642 (Moodle 3.x has user fullname disclosure on the user preferences page. ...)
-	TODO: check
+	- moodle <unfixed>
+	NOTE: https://moodle.org/mod/forum/discuss.php?d=355554
 CVE-2017-2641 (In Moodle 2.x and 3.x, SQL injection can occur via user preferences. ...)
 	- moodle 2.7.19+dfsg-1
 	NOTE: https://tracker.moodle.org/browse/MDL-58010
@@ -28272,7 +28273,7 @@
 CVE-2017-1319 (IBM Tivoli Federated Identity Manager 6.2 is affected by a ...)
 	NOT-FOR-US: IBM
 CVE-2017-1318 (IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1317
 	RESERVED
 CVE-2017-1316