[Secure-testing-commits] r49583 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Mar 11 10:30:38 UTC 2017 

Author: carnil
Date: 2017-03-11 10:30:38 +0000 (Sat, 11 Mar 2017)
New Revision: 49583

Modified:
   data/CVE/list
Log:
Mark some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-11 09:10:17 UTC (rev 49582)
+++ data/CVE/list	2017-03-11 10:30:38 UTC (rev 49583)
@@ -17,11 +17,11 @@
 CVE-2017-6805
 	RESERVED
 CVE-2017-6804 (A Stored XSS Vulnerability exists in the WP Markdown Editor (aka ...)
-	TODO: check
+	NOT-FOR-US: WP Markdown Editor plugin for Wordpress
 CVE-2017-6803
 	RESERVED
 CVE-2017-6798 (Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro Endpoint Sensor
 CVE-2017-6802 (An issue was discovered in ytnef before 1.9.2. There is a potential ...)
 	- libytnef 1.9.2-1
 	NOTE: Fixed by: https://github.com/Yeraze/ytnef/commit/22f8346c8d4f0020a40d9f258fdb3bfc097359cc
@@ -659,7 +659,7 @@
 	NOTE: http://lists.gnu.org/archive/html/bug-wget/2017-03/msg00018.html
 	NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=4d729e322fae359a1aefaafec1144764a54e8ad4
 CVE-2017-6506 (In Azure Data Expert Ultimate 2.2.16, the SMTP verification function ...)
-	TODO: check
+	NOT-FOR-US: Azure Data Expert Ultimate
 CVE-2017-6505 [usb: an infinite loop issue in ohci_service_ed_list]
 	RESERVED
 	- qemu <unfixed> (bug #856969)
@@ -900,7 +900,7 @@
 CVE-2017-6428
 	RESERVED
 CVE-2017-6427 (A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A ...)
-	TODO: check
+	NOT-FOR-US: EvoStream Media Server
 CVE-2017-XXXX [NULL pointer dereference in PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp)]
 	- libpodofo <unfixed> (bug #856592)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/10
@@ -2570,7 +2570,7 @@
 CVE-2017-5860
 	RESERVED
 CVE-2017-5859 (On Cambium Networks cnPilot R200/201 devices before 4.3, there is a ...)
-	TODO: check
+	NOT-FOR-US: Cambium Networks cnPilot
 CVE-2017-5858 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
 	NOT-FOR-US: converse.js
 CVE-2017-5836 (The plist_free_data function in plist.c in libplist allows attackers ...)

More information about the Secure-testing-commits mailing list