[Secure-testing-commits] r50198 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Mar 30 10:25:20 UTC 2017
Author: carnil
Date: 2017-03-30 10:25:20 +0000 (Thu, 30 Mar 2017)
New Revision: 50198
Modified:
data/CVE/list
Log:
Process some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-30 09:25:57 UTC (rev 50197)
+++ data/CVE/list 2017-03-30 10:25:20 UTC (rev 50198)
@@ -1,13 +1,13 @@
CVE-2017-7324 (setup/templates/findcore.php in MODX Revolution 2.5.4-pl and earlier ...)
- TODO: check
+ NOT-FOR-US: MODX Revolution
CVE-2017-7323 (The (1) update and (2) package-installation features in MODX ...)
- TODO: check
+ NOT-FOR-US: MODX Revolution
CVE-2017-7322 (The (1) update and (2) package-installation features in MODX ...)
- TODO: check
+ NOT-FOR-US: MODX Revolution
CVE-2017-7321 (setup/controllers/welcome.php in MODX Revolution 2.5.4-pl and earlier ...)
- TODO: check
+ NOT-FOR-US: MODX Revolution
CVE-2017-7320 (setup/controllers/language.php in MODX Revolution 2.5.4-pl and earlier ...)
- TODO: check
+ NOT-FOR-US: MODX Revolution
CVE-2017-7319
RESERVED
CVE-2017-7318 (Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote command ...)
@@ -34431,7 +34431,7 @@
CVE-2016-4977
RESERVED
CVE-2016-4976 (Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on ...)
- TODO: check
+ NOT-FOR-US: Apache Ambari
CVE-2016-4975
RESERVED
CVE-2016-4974 (Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before ...)
@@ -91204,7 +91204,7 @@
NOTE: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c?r1=1618401&r2=1638818
NOTE: Only exploitable by a malicious fcgi script.
CVE-2014-3582 (The certificate signing REST API in Apache Ambari before 2.4.0 allows ...)
- TODO: check
+ NOT-FOR-US: Apache Ambari
CVE-2014-3581 (The cache_merge_headers_out function in modules/cache/cache_util.c in ...)
{DLA-71-1}
- apache2 2.4.10-3
More information about the Secure-testing-commits
mailing list