[Secure-testing-commits] r52256 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sat Jun 3 09:46:31 UTC 2017 

Author: jmm
Date: 2017-06-03 09:46:31 +0000 (Sat, 03 Jun 2017)
New Revision: 52256

Modified:
   data/CVE/list
Log:
one itp issue, NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-03 09:40:59 UTC (rev 52255)
+++ data/CVE/list	2017-06-03 09:46:31 UTC (rev 52256)
@@ -91,11 +91,11 @@
 CVE-2017-9381
 	RESERVED
 CVE-2017-9380 (OpenEMR 5.0.0 and prior allows low-privilege users to upload files of ...)
-	TODO: check
+	NOT-FOR-US: OpenEMR
 CVE-2017-9379 (Multiple CSRF issues exist in BigTree CMS through 4.2.18 - the clear ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2017-9378 (BigTree CMS through 4.2.18 does not prevent a user from deleting their ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2017-9377
 	RESERVED
 CVE-2017-9376
@@ -3836,7 +3836,7 @@
 CVE-2017-8000
 	RESERVED
 CVE-2017-7999 (Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows remote ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Eucalyptus
 CVE-2017-7998
 	RESERVED
 CVE-2017-7997
@@ -9625,7 +9625,7 @@
 CVE-2017-6040
 	RESERVED
 CVE-2017-6039 (A Use of Hard-Coded Password issue was discovered in Phoenix Broadband ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2017-6038
 	RESERVED
 CVE-2017-6037 (A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies ...)
@@ -16195,9 +16195,9 @@
 CVE-2017-3742
 	RESERVED
 CVE-2017-3741 (In the Lenovo Power Management driver before 1.67.12.24, a local user ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3740 (In Lenovo Active Protection System before 1.82.0.14, an attacker with ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3739
 	RESERVED
 CVE-2017-3738
@@ -23349,7 +23349,7 @@
 CVE-2017-0897
 	RESERVED
 CVE-2017-0896 (Zulip Server 1.5.1 and below suffer from an error in the ...)
-	TODO: check
+	- zulip-server <itp> (bug #800052)
 CVE-2017-0895 (Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure ...)
 	- nextcloud <itp> (bug #835086)
 CVE-2017-0894 (Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid ...)
@@ -29767,13 +29767,13 @@
 CVE-2016-8232 (Document Object Model-(DOM) based cross-site scripting vulnerability ...)
 	NOT-FOR-US: Lenovo
 CVE-2016-8231 (In Lenovo Service Bridge before version 4, a bug found in the ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2016-8230 (In Lenovo Service Bridge before version 4, an insecure HTTP connection ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2016-8229 (A cross-site request forgery vulnerability in Lenovo Service Bridge ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2016-8228 (In Lenovo Service Bridge before version 4, a user with local ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2016-8227 (Privilege escalation vulnerability in Lenovo Transition application ...)
 	NOT-FOR-US: Lenovo
 CVE-2016-8226 (The BIOS in Lenovo System X M5, M6, and X6 systems allows ...)

More information about the Secure-testing-commits mailing list