[Secure-testing-commits] r49356 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Mar 2 08:36:51 UTC 2017 

Author: carnil
Date: 2017-03-02 08:36:51 +0000 (Thu, 02 Mar 2017)
New Revision: 49356

Modified:
   data/CVE/list
Log:
Mark new NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-02 07:58:11 UTC (rev 49355)
+++ data/CVE/list	2017-03-02 08:36:51 UTC (rev 49356)
@@ -1028,7 +1028,7 @@
 CVE-2017-5996
 	RESERVED
 CVE-2017-5995 (The NetApp ONTAP Select Deploy administration utility 2.0 through ...)
-	TODO: check
+	NOT-FOR-US: NetApp ONTAP Select Deploy administration utility
 CVE-2017-XXXX [XSA-207: memory leak when destroying guest without PT devices]
 	- xen <unfixed> (bug #856229)
 	[jessie] - xen <no-dsa> (Minor issue)
@@ -10245,7 +10245,7 @@
 CVE-2017-2686
 	RESERVED
 CVE-2017-2685 (Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2017-2684 (Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an ...)
 	NOT-FOR-US: Siemens
 CVE-2017-2683 (A non-privileged user of the Siemens web application RUGGEDCOM NMS < ...)
@@ -19428,9 +19428,9 @@
 CVE-2016-8509
 	REJECTED
 CVE-2016-8508 (Yandex Browser for desktop before 17.1.1.227 does not show Protect ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8507 (Yandex Browser for iOS before 16.10.0.2357 does not properly restrict ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8506 (XSS in Yandex Browser Translator in Yandex browser for desktop for ...)
 	NOT-FOR-US: Yandex Browser
 CVE-2016-8505 (XSS in Yandex Browser BookReader in Yandex browser for desktop for ...)
@@ -25965,7 +25965,7 @@
 	NOTE: GnuTLS needs an update when/before src:nettle is fixed to continue working with patched src:nettle for CVE-2016-6489
 	NOTE: but not a vulnerability in GnuTLS. Needs https://gitlab.com/gnutls/gnutls/commit/186dc9c2012003587a38d7f4d03edd8da5fe989f
 CVE-2016-6485 (The __construct function in Framework/Encryption/Crypt.php in Magento ...)
-	TODO: check
+	NOT-FOR-US: Magento
 CVE-2016-6484 (CRLF injection vulnerability in Infoblox Network Automation NetMRI ...)
 	NOT-FOR-US: Infoblox Network Automation NetMR
 CVE-2016-6513 (epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x ...)
@@ -29707,7 +29707,7 @@
 CVE-2016-5375
 	RESERVED
 CVE-2016-5374 (NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated ...)
-	TODO: check
+	NOT-FOR-US: NetApp
 CVE-2016-5373
 	RESERVED
 CVE-2016-5372 (Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator ...)

More information about the Secure-testing-commits mailing list