[Secure-testing-commits] r49472 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Mar 7 08:06:24 UTC 2017 

Author: jmm
Date: 2017-03-07 08:06:23 +0000 (Tue, 07 Mar 2017)
New Revision: 49472

Modified:
   data/CVE/list
Log:
NFUs
drop historic TODO for ffmpeg


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-07 06:21:34 UTC (rev 49471)
+++ data/CVE/list	2017-03-07 08:06:23 UTC (rev 49472)
@@ -42395,7 +42395,6 @@
 	- libav <removed>
 	NOTE: http://habrahabr.ru/company/mailru/blog/274855
 	NOTE: Fixed in 2.8.5 upstream
-	TODO: Recheck, the issue might be fixed incompletely, cf. #811519
 CVE-2016-1867 (The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers ...)
 	{DSA-3785-1}
 	- jasper <removed> (bug #811023)
@@ -44398,13 +44397,13 @@
 CVE-2016-1210
 	RESERVED
 CVE-2016-1209 (The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2016-1208 (The server in Apple FileMaker before 14.0.4 on OS X allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple FileMaker
 CVE-2016-1207 (Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R ...)
-	TODO: check
+	NOT-FOR-US: I-O DATA
 CVE-2016-1206 (The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, ...)
-	TODO: check
+	NOT-FOR-US: I-O DATA
 CVE-2016-1205 (Cross-site scripting (XSS) vulnerability in the shiro8 (1) ...)
 	TODO: check
 CVE-2016-1204
@@ -44414,11 +44413,11 @@
 CVE-2016-1202 (Untrusted search path vulnerability in Atom Electron before 0.33.5 ...)
 	TODO: check
 CVE-2016-1201 (Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE ...)
-	TODO: check
+	NOT-FOR-US: LOCKON
 CVE-2016-1200 (The management screen in LOCKON EC-CUBE 3.0.7 through 3.0.9 allows ...)
-	TODO: check
+	NOT-FOR-US: LOCKON
 CVE-2016-1199 (The login page in the management screen in LOCKON EC-CUBE 3.0.0 ...)
-	TODO: check
+	NOT-FOR-US: LOCKON
 CVE-2016-1198
 	RESERVED
 CVE-2016-1197 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before ...)
@@ -142358,7 +142357,6 @@
 	- chromium-browser 14.0.835.163~r101024-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected>
-	TODO: check ffmpeg, http://src.chromium.org/viewvc/chrome?view=rev&revision=88382
 CVE-2011-2843 (Google Chrome before 14.0.835.163 does not properly handle media ...)
 	- chromium-browser 14.0.835.163~r101024-1
 	[squeeze] - chromium-browser <not-affected>

More information about the Secure-testing-commits mailing list