[Secure-testing-commits] r49875 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Mar 21 10:00:09 UTC 2017 

Author: jmm
Date: 2017-03-21 10:00:09 +0000 (Tue, 21 Mar 2017)
New Revision: 49875

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-21 09:57:26 UTC (rev 49874)
+++ data/CVE/list	2017-03-21 10:00:09 UTC (rev 49875)
@@ -15622,7 +15622,7 @@
 CVE-2017-1156
 	RESERVED
 CVE-2017-1155 (IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1154
 	RESERVED
 CVE-2017-1153
@@ -15630,7 +15630,7 @@
 CVE-2017-1152
 	RESERVED
 CVE-2017-1151 (IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1150 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) ...)
 	NOT-FOR-US: IBM
 CVE-2017-1149
@@ -15640,9 +15640,9 @@
 CVE-2017-1147
 	RESERVED
 CVE-2017-1146 (IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1145 (IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1144
 	RESERVED
 CVE-2017-1143
@@ -15664,7 +15664,7 @@
 CVE-2017-1135
 	RESERVED
 CVE-2017-1134 (IBM Power Hardware Management Console (HMC) 3.3.2 and 4.1 could allow ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1133 (IBM QRadar 7.2 is vulnerable to cross-site scripting. This ...)
 	NOT-FOR-US: IBM
 CVE-2017-1132
@@ -16291,13 +16291,13 @@
 CVE-2016-9698
 	RESERVED
 CVE-2016-9697 (An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9696 (IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9695
 	RESERVED
 CVE-2016-9694 (IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to cross-site ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9693 (IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download ...)
 	NOT-FOR-US: IBM
 CVE-2016-9692
@@ -19553,7 +19553,7 @@
 CVE-2016-9166
 	RESERVED
 CVE-2016-9165 (The get_sessions servlet in CA Unified Infrastructure Management ...)
-	TODO: check
+	NOT-FOR-US: CA Unified Infrastructure Management
 CVE-2016-9164 (Directory traversal vulnerability in diag.jsp file in CA Unified ...)
 	NOT-FOR-US: CA Unified Infrastructure Management
 CVE-2016-9163
@@ -20171,7 +20171,7 @@
 CVE-2016-8974 (IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, ...)
 	NOT-FOR-US: IBM
 CVE-2016-8973 (IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-8972 (IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root ...)
 	NOT-FOR-US: IBM
 CVE-2016-8971 (IBM WebSphere MQ 8.0 could allow an authenticated user with queue ...)
@@ -34186,17 +34186,17 @@
 CVE-2016-4932
 	RESERVED
 CVE-2016-4931 (XML entity injection in Junos Space before 15.2R2 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2016-4930 (Cross-site scripting (XSS) vulnerability in Junos Space before 15.2R2 ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2016-4929 (Command injection vulnerability in Junos Space before 15.2R2 allows ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2016-4928 (Cross site request forgery vulnerability in Junos Space before 15.2R2 ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2016-4927 (Insufficient validation of SSH keys in Junos Space before 15.2R2 ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2016-4926 (Insufficient authentication vulnerability in Junos Space before 15.2R2 ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2016-4925
 	RESERVED
 CVE-2016-4924
@@ -39552,7 +39552,7 @@
 CVE-2016-2982
 	RESERVED
 CVE-2016-2981 (An undisclosed vulnerability in the CLM applications in IBM Jazz Team ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-2980
 	RESERVED
 CVE-2016-2979
@@ -41435,7 +41435,7 @@
 CVE-2016-2407
 	RESERVED
 CVE-2016-2406 (The permission control module in Huawei Document Security Management ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2016-2405 (Huawei Policy Center with software before V100R003C10SPC020 allows ...)
 	NOT-FOR-US: Huawei
 CVE-2016-2404
@@ -69865,7 +69865,7 @@
 	RESERVED
 	NOT-FOR-US: OpenDaylight
 CVE-2015-1610 (hosttracker in OpenDaylight l2switch allows remote attackers to change ...)
-	TODO: check
+	NOT-FOR-US: OpenDaylight
 CVE-2015-1609 (MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers ...)
 	- mongodb 1:2.4.10-5 (bug #780129)
 	[wheezy] - mongodb <not-affected> (BSONElement::validate() checks length, problematic code introduced later)

More information about the Secure-testing-commits mailing list