[Secure-testing-commits] r49787 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sun Mar 19 12:11:35 UTC 2017 

Author: jmm
Date: 2017-03-19 12:11:35 +0000 (Sun, 19 Mar 2017)
New Revision: 49787

Modified:
   data/CVE/list
Log:
puppet n/a
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-19 11:50:23 UTC (rev 49786)
+++ data/CVE/list	2017-03-19 12:11:35 UTC (rev 49787)
@@ -2018,31 +2018,31 @@
 	NOTE: Fixed in 7.1.0, 7.0.14, 5.6.29
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=69090
 CVE-2015-8993 (Malicious file execution vulnerability in Intel Security CloudAV ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2015-8992 (Malicious file execution vulnerability in Intel Security WebAdvisor ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2015-8991 (Malicious file execution vulnerability in Intel Security McAfee ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2015-8990 (Detection bypass vulnerability in Intel Security Advanced Threat ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2015-8989 (Unsalted password vulnerability in the Enterprise Manager (web portal) ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2015-8988 (Unquoted executable path vulnerability in Client Management and ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2015-8987 (Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2015-8986 (Sandbox detection evasion vulnerability in hardware appliances in ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2014-9921 (Information disclosure vulnerability in McAfee (now Intel Security) ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2014-9920 (Unauthorized execution of binary vulnerability in McAfee (now Intel ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2013-7462 (A directory traversal vulnerability in the web application in McAfee ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2013-7461 (A write protection and execution bypass vulnerability in McAfee (now ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2013-7460 (A write protection and execution bypass vulnerability in McAfee (now ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2017-6355 (Integer overflow in the vrend_create_shader function in ...)
 	- virglrenderer <unfixed>
 	NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=93761787b29f37fa627dea9082cdfc1a1ec608d6 (0.6.0)
@@ -40204,7 +40204,7 @@
 	- mcollective <unfixed> (bug #850968)
 	NOTE: https://puppet.com/security/cve/cve-2016-2788
 CVE-2016-2787 (The Puppet Communications Protocol in Puppet Enterprise 2015.3.x ...)
-	TODO: check
+	- puppet <not-affected> (Specific to Puppet Enterprise)
 CVE-2016-2786 (The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 ...)
 	- puppet <not-affected> (pxp-agent not packaged in Debian)
 	NOTE: https://puppet.com/security/cve/cve-2016-2786
@@ -40235,7 +40235,7 @@
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=23820dbfc79d1c9dce090b4c555994f2bb6a69b3 (v2.4.0-rc0)
 	TODO: check again after the CVE id split
 CVE-2016-2783 (Avaya Fabric Connect Virtual Services Platform (VSP) Operating System ...)
-	TODO: check
+	NOT-FOR-US: Avaya
 CVE-2016-2780 (Untrusted search path vulnerability in Huawei UTPS before ...)
 	NOT-FOR-US: Huawei UTPS
 CVE-2016-2778
@@ -51669,9 +51669,9 @@
 CVE-2015-7867
 	RESERVED
 CVE-2015-7866 (Unquoted Windows search path vulnerability in the Smart Maximize ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA drivers for Windows
 CVE-2015-7865 (nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA drivers for Windows
 CVE-2015-7864
 	RESERVED
 CVE-2015-7863 (The default configuration of Persistent Accelerite Radia Client ...)
@@ -52086,7 +52086,7 @@
 	[jessie] - mariadb-10.0 10.0.22-0+deb8u1
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
 CVE-2015-7743 (XML external entity vulnerability in PRTG Network Monitor before ...)
-	TODO: check
+	NOT-FOR-US: PRTG Network Monitor
 CVE-2015-7742
 	RESERVED
 CVE-2015-7741
@@ -54508,9 +54508,9 @@
 CVE-2015-6856 (Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local ...)
 	NOT-FOR-US: Dell
 CVE-2015-6854 (The non-Domino web agents in CA Single Sign-On (aka SSO, formerly ...)
-	TODO: check
+	NOT-FOR-US: CA Single Sign-On
 CVE-2015-6853 (The Domino web agent in CA Single Sign-On (aka SSO, formerly ...)
-	TODO: check
+	NOT-FOR-US: CA Single Sign-On
 CVE-2015-6852 (Directory traversal vulnerability in the API in EMC Secure Remote ...)
 	NOT-FOR-US: EMC Secure Remote Services Virtual Edition
 CVE-2015-6851 (EMC RSA SecurID Web Agent before 8.0 allows physically proximate ...)

More information about the Secure-testing-commits mailing list