[Secure-testing-commits] r50116 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Mar 28 05:30:57 UTC 2017 

Author: carnil
Date: 2017-03-28 05:30:57 +0000 (Tue, 28 Mar 2017)
New Revision: 50116

Modified:
   data/CVE/list
Log:
Process TODO list, yii-framework itp'ed and NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-28 05:10:10 UTC (rev 50115)
+++ data/CVE/list	2017-03-28 05:30:57 UTC (rev 50116)
@@ -28,7 +28,7 @@
 	NOTE: https://github.com/radare/radare2/commit/7ab66cca5bbdf6cb2d69339ef4f513d95e532dbf
 	NOTE: https://github.com/radare/radare2/issues/7152
 CVE-2017-7271 (Reflected Cross-site scripting (XSS) vulnerability in Yii Framework ...)
-	TODO: check
+	- yii-framework <itp> (bug #597899)
 CVE-2017-7270
 	RESERVED
 CVE-2017-7273 (The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux ...)
@@ -367,7 +367,7 @@
 CVE-2017-7185
 	RESERVED
 CVE-2017-7183 (The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: ExtraPuTTY
 CVE-2017-7182
 	RESERVED
 CVE-2017-7181
@@ -1039,7 +1039,7 @@
 CVE-2017-6879
 	RESERVED
 CVE-2017-6878 (Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows ...)
-	TODO: check
+	NOT-FOR-US: MetInfo
 CVE-2017-6877 (Cross-site scripting (XSS) vulnerability in SVG file handling in Lutim ...)
 	NOT-FOR-US: Lutim
 CVE-2017-6876
@@ -19693,7 +19693,7 @@
 CVE-2016-9253
 	RESERVED
 CVE-2016-9252 (The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2016-9251
 	RESERVED
 CVE-2016-9250
@@ -25219,7 +25219,7 @@
 CVE-2016-7475
 	RESERVED
 CVE-2016-7474 (In some cases the MCPD binary cache in F5 BIG-IP devices may allow a ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2016-7473
 	RESERVED
 CVE-2016-7472
@@ -50777,9 +50777,9 @@
 CVE-2015-8311
 	RESERVED
 CVE-2015-8310 (Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 ...)
-	TODO: check
+	NOT-FOR-US: Cherry Music
 CVE-2015-8309 (Directory traversal vulnerability in Cherry Music before 0.36.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Cherry Music
 CVE-2015-8307 (The Graphics driver in Huawei P8 smartphones with software GRA-TL00 ...)
 	NOT-FOR-US: Huawei
 CVE-2015-8306 (Buffer overflow in the HIFI driver in Huawei P8 phones with software ...)
@@ -73220,9 +73220,9 @@
 CVE-2015-0865
 	RESERVED
 CVE-2015-0864 (Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2015-0863 (GALAXY Apps (aka Samsung Apps, Samsung Updates, or ...)
-	TODO: check
+	NOT-FOR-US: Samsung GALAXY Apps
 CVE-2015-0862 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
 	- rabbitmq-server 3.4.3-1
 	[jessie] - rabbitmq-server <no-dsa> (Minor issue)

More information about the Secure-testing-commits mailing list