[Secure-testing-commits] r49755 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Mar 18 07:32:15 UTC 2017 

Author: carnil
Date: 2017-03-18 07:32:15 +0000 (Sat, 18 Mar 2017)
New Revision: 49755

Modified:
   data/CVE/list
Log:
Process more NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-18 07:25:17 UTC (rev 49754)
+++ data/CVE/list	2017-03-18 07:32:15 UTC (rev 49755)
@@ -435,15 +435,15 @@
 CVE-2017-6959
 	RESERVED
 CVE-2017-6958 (An XSS vulnerability in the MantisBT Source Integration Plugin (before ...)
-	TODO: check
+	NOT-FOR-US: MantisBT Source Integration Plugin
 CVE-2017-6957
 	RESERVED
 CVE-2017-6956
 	RESERVED
 CVE-2017-6955 (An issue was discovered in by-email/by-email.php in the Invite Anyone ...)
-	TODO: check
+	NOT-FOR-US: wordpress Anyone plugin
 CVE-2017-6954 (An issue was discovered in includes/component.php in the BuddyPress ...)
-	TODO: check
+	NOT-FOR-US: wordpress buddypress docs plugin
 CVE-2017-6953
 	RESERVED
 CVE-2017-6952 (Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c ...)
@@ -601,7 +601,7 @@
 CVE-2017-6881
 	RESERVED
 CVE-2017-6880 (Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Cerberus FTP Server
 CVE-2017-6879
 	RESERVED
 CVE-2017-6878
@@ -1960,13 +1960,13 @@
 CVE-2017-6371
 	RESERVED
 CVE-2017-6370 (TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in ...)
-	TODO: check
+	NOT-FOR-US: Typo3
 CVE-2017-6369
 	RESERVED
 CVE-2017-6368
 	RESERVED
 CVE-2017-6367 (In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the ...)
-	TODO: check
+	NOT-FOR-US: Cerberus FTP Server
 CVE-2017-6366 (Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 ...)
 	NOT-FOR-US: Netgear
 CVE-2017-6365
@@ -62865,13 +62865,13 @@
 	NOT-FOR-US: proxychains-ng
 	NOTE: proxychains does not contain the vulnerable code
 CVE-2015-3884 (Unrestricted file upload vulnerability in the (1) myAccount, (2) ...)
-	TODO: check
+	NOT-FOR-US: qdPM
 CVE-2015-3883 (Multiple cross-site scripting (XSS) vulnerabilities in qdPM 8.3 allow ...)
-	TODO: check
+	NOT-FOR-US: qdPM
 CVE-2015-3882 (qdPM 8.3 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: qdPM
 CVE-2015-3881 (Information disclosure issue in qdPM 8.3 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: qdPM
 CVE-2015-3879 (Media Player Framework in Android before 5.1.1 LMY48T allows attackers ...)
 	NOT-FOR-US: Media Player Framework in Android
 CVE-2015-3878 (Media Projection in Android 5.x before 5.1.1 LMY48T and 6.0 before ...)

More information about the Secure-testing-commits mailing list