[Secure-testing-commits] r53785 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jul 22 09:31:20 UTC 2017 

Author: carnil
Date: 2017-07-22 09:31:20 +0000 (Sat, 22 Jul 2017)
New Revision: 53785

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-22 09:10:13 UTC (rev 53784)
+++ data/CVE/list	2017-07-22 09:31:20 UTC (rev 53785)
@@ -1,7 +1,7 @@
 CVE-2017-11520
 	RESERVED
 CVE-2017-11519 (passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2016-10399
 	RESERVED
 CVE-2017-11518
@@ -11237,7 +11237,7 @@
 	- tpm2-tools <unfixed> (bug #866257)
 	NOTE: https://github.com/01org/tpm2.0-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157
 CVE-2017-7523 (Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: Cygwin
 CVE-2017-7522 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ...)
 	- openvpn 2.4.3-1 (unimportant)
 	[jessie] - openvpn <not-affected> (x509-track implemented in 2.4.0)
@@ -26861,15 +26861,15 @@
 CVE-2017-2278
 	RESERVED
 CVE-2017-2277 (WG-C10 v3.0.79 and earlier allows an attacker to bypass access ...)
-	TODO: check
+	NOT-FOR-US: WG-C10
 CVE-2017-2276 (Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to ...)
-	TODO: check
+	NOT-FOR-US:  WG-C10
 CVE-2017-2275 (WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS ...)
-	TODO: check
+	NOT-FOR-US:  WG-C10
 CVE-2017-2274 (Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and ...)
-	TODO: check
+	NOT-FOR-US: WMR-433* firmware
 CVE-2017-2273 (Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware ...)
-	TODO: check
+	NOT-FOR-US: WMR-433* firmware
 CVE-2017-2272 (Untrusted search path vulnerability in Self-extracting encrypted files ...)
 	NOT-FOR-US: AttacheCase
 CVE-2017-2271 (Untrusted search path vulnerability in Self-extracting encrypted files ...)
@@ -27163,7 +27163,7 @@
 CVE-2017-2127 (Cross-site scripting vulnerability in YOP Poll versions prior to 5.8.1 ...)
 	NOT-FOR-US: YOP Poll
 CVE-2017-2126 (WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware ...)
-	TODO: check
+	NOT-FOR-US: WAPM-* firmware
 CVE-2017-2125 (Privilege escalation vulnerability in CentreCOM AR260S V2 remote ...)
 	NOT-FOR-US: CentreCOM AR260S
 CVE-2017-2124 (Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door ...)

More information about the Secure-testing-commits mailing list