[Secure-testing-commits] r52586 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jun 15 13:28:52 UTC 2017 

Author: carnil
Date: 2017-06-15 13:28:52 +0000 (Thu, 15 Jun 2017)
New Revision: 52586

Modified:
   data/CVE/list
Log:
Process several NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-15 10:59:49 UTC (rev 52585)
+++ data/CVE/list	2017-06-15 13:28:52 UTC (rev 52586)
@@ -79,13 +79,13 @@
 CVE-2017-9625
 	RESERVED
 CVE-2017-9624 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...)
-	TODO: check
+	NOT-FOR-US: Telaxus/EPESI
 CVE-2017-9623 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...)
-	TODO: check
+	NOT-FOR-US: Telaxus/EPESI
 CVE-2017-9622 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...)
-	TODO: check
+	NOT-FOR-US: Telaxus/EPESI
 CVE-2017-9621 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Telaxus/EPESI
 CVE-2017-9620
 	RESERVED
 CVE-2017-9619
@@ -119,7 +119,7 @@
 CVE-2017-9607
 	RESERVED
 CVE-2017-9606 (Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local ...)
-	TODO: check
+	NOT-FOR-US: Infotecs ViPNet Client and Coordinator
 CVE-2017-9604 (KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in ...)
 	- kdepim <unfixed> (bug #864804)
 	- kf5-messagelib <unfixed> (bug #864803)
@@ -4772,7 +4772,7 @@
 CVE-2017-7915 (An Improper Restriction of Excessive Authentication Attempts issue was ...)
 	NOT-FOR-US: Moxa
 CVE-2017-7914 (A Missing Authorization issue was discovered in Rockwell Automation ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Rockwell PanelView Plus
 CVE-2017-7913 (A Plaintext Storage of a Password issue was discovered in Moxa OnCell ...)
 	NOT-FOR-US: Moxa
 CVE-2017-7912
@@ -4780,7 +4780,7 @@
 CVE-2017-7911 (A Code Injection issue was discovered in CyberVision Kaa IoT Platform, ...)
 	NOT-FOR-US: CyberVision Kaa IoT Platform
 CVE-2017-7910 (A Stack-Based Buffer Overflow issue was discovered in Digital Canal ...)
-	TODO: check
+	NOT-FOR-US: Digital Canal Structural Wind Analysis
 CVE-2017-7909 (A Use of Client-Side Authentication issue was discovered in Advantech ...)
 	NOT-FOR-US: Advantech
 CVE-2017-7908
@@ -5652,9 +5652,9 @@
 CVE-2017-7678
 	RESERVED
 CVE-2017-7677 (In environments that use external location for hive tables, Hive ...)
-	TODO: check
+	NOT-FOR-US: Apache Ranger
 CVE-2017-7676 (Policy resource matcher in Apache Ranger before 0.7.1 ignores ...)
-	TODO: check
+	NOT-FOR-US: Apache Ranger
 CVE-2017-7675
 	RESERVED
 CVE-2017-7674
@@ -11441,7 +11441,7 @@
 CVE-2017-5698
 	RESERVED
 CVE-2017-5697 (Insufficient clickjacking protection in the Web User Interface of ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2017-5696
 	RESERVED
 CVE-2017-5695
@@ -30831,43 +30831,43 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1374266
 	NOTE: http://www.openwall.com/lists/oss-security/2016/09/18/3
 CVE-2017-0300 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0299 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0298 (A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0297 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0296 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0295 (Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0294 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0293
 	RESERVED
 CVE-2017-0292 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0291 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0290 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0289 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0288 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0287 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0286 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0285 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0284 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0283 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0282 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0281 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0280 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of ...)
@@ -30911,7 +30911,7 @@
 CVE-2017-0261 (Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0260 (A remote code execution vulnerability exists in Microsoft Office when ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0259 (The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0258 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
@@ -30993,15 +30993,15 @@
 CVE-2017-0220 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0219 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0218 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0217
 	RESERVED
 CVE-2017-0216 (Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0215 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0214 (Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0213 (Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 ...)
@@ -31045,7 +31045,7 @@
 CVE-2017-0194 (Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0193 (Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0192 (The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0191 (A denial of service vulnerability exists in the way that Windows 7, ...)
@@ -31085,7 +31085,7 @@
 CVE-2017-0174
 	RESERVED
 CVE-2017-0173 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-0172
 	RESERVED
 CVE-2017-0171 (Windows DNS Server allows a denial of service vulnerability when ...)

More information about the Secure-testing-commits mailing list