[Secure-testing-commits] r49797 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sun Mar 19 17:58:21 UTC 2017 

Author: jmm
Date: 2017-03-19 17:58:21 +0000 (Sun, 19 Mar 2017)
New Revision: 49797

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-19 17:53:40 UTC (rev 49796)
+++ data/CVE/list	2017-03-19 17:58:21 UTC (rev 49797)
@@ -40228,7 +40228,6 @@
 	- qemu-kvm <not-affected> (Affects Qemu versions >= 1.6.0 and <= 2.3.1)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/01/10
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=b242e0e0e2969c044a318e56f7988bbd84de1f63 (v2.4.0-rc0)
-	TODO: check again after the CVE id split
 CVE-2015-8817 (QEMU (aka Quick Emulator) built to use 'address_space_translate' to ...)
 	- qemu 1:2.4+dfsg-1a
 	[jessie] - qemu <no-dsa> (Minor issue; can be fixed along with a future DSA)
@@ -40239,7 +40238,6 @@
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=c3c1bb99d1c11978d9ce94d1bdcf0705378c1459 (v2.3.0-rc1)
 	NOTE: https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00060.html
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=23820dbfc79d1c9dce090b4c555994f2bb6a69b3 (v2.4.0-rc0)
-	TODO: check again after the CVE id split
 CVE-2016-2783 (Avaya Fabric Connect Virtual Services Platform (VSP) Operating System ...)
 	NOT-FOR-US: Avaya
 CVE-2016-2780 (Untrusted search path vulnerability in Huawei UTPS before ...)
@@ -47447,9 +47445,9 @@
 	[squeeze] - samba <not-affected> (Vulnerable code not present)
 	NOTE: https://www.samba.org/samba/security/CVE-2016-0771.html
 CVE-2016-0770 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2016-0769 (Multiple SQL injection vulnerabilities in eshop-orders.php in the ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2016-0768
 	RESERVED
 CVE-2016-0767
@@ -47461,7 +47459,7 @@
 	- postgresql-9.1 <removed>
 	[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
 CVE-2016-0765 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2016-0764 [Race conditions that could disclose connection secrets to authenticated local users]
 	RESERVED
 	- network-manager 1.1.91-1 (bug #820354)

More information about the Secure-testing-commits mailing list