[Secure-testing-commits] r52730 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Jun 20 09:13:59 UTC 2017 

Author: jmm
Date: 2017-06-20 09:13:59 +0000 (Tue, 20 Jun 2017)
New Revision: 52730

Modified:
   data/CVE/list
Log:
NFUs
uclibc unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-20 09:10:14 UTC (rev 52729)
+++ data/CVE/list	2017-06-20 09:13:59 UTC (rev 52730)
@@ -173,11 +173,9 @@
 CVE-2017-9730 (SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and ...)
 	NOT-FOR-US: nuevoMailer
 CVE-2017-9729 (In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) ...)
-	- uclibc <undetermined>
-	TODO: check and check uclibc-ng
+	- uclibc <unfixed> (unimportant)
 CVE-2017-9728 (In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp ...)
-	- uclibc <undetermined>
-	TODO: check and check uclibc-ng
+	- uclibc <unfixed> (unimportant)
 CVE-2017-9727
 	RESERVED
 CVE-2017-9726
@@ -3630,11 +3628,11 @@
 CVE-2017-8452 (Kibana versions prior to 5.2.1 configured for SSL client access, file ...)
 	- kibana <itp> (bug #700337)
 CVE-2017-8451 (With X-Pack installed, Kibana versions before 5.3.1 have an open ...)
-	TODO: check
+	NOT-FOR-US: Kibana addon
 CVE-2017-8450 (X-Pack 5.1.1 did not properly apply document and field level security ...)
-	TODO: check
+	NOT-FOR-US: Kibana addon
 CVE-2017-8449 (X-Pack Security 5.2.x would allow access to more fields than the user ...)
-	TODO: check
+	NOT-FOR-US: Kibana addon
 CVE-2017-8448
 	RESERVED
 CVE-2017-8447
@@ -3714,7 +3712,7 @@
 CVE-2016-10365 (Kibana versions before 4.6.3 and 5.0.1 have an open redirect ...)
 	- kibana <itp> (bug #700337)
 CVE-2016-10364 (With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not ...)
-	TODO: check
+	NOT-FOR-US: Kibana addon
 CVE-2016-10363 (Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, ...)
 	- logstash <itp> (bug #664841)
 CVE-2016-10362 (Prior to Logstash version 5.0.1, Elasticsearch Output plugin when ...)
@@ -17527,11 +17525,11 @@
 CVE-2017-3746
 	RESERVED
 CVE-2017-3745 (In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3744 (In the IMM2 firmware of Lenovo System x servers, remote commands ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3743 (If multiple users are concurrently logged into a single system where ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3742
 	RESERVED
 CVE-2017-3741 (In the Lenovo Power Management driver before 1.67.12.24, a local user ...)

More information about the Secure-testing-commits mailing list