[Secure-testing-commits] r51674 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue May 16 09:12:50 UTC 2017 

Author: jmm
Date: 2017-05-16 09:12:50 +0000 (Tue, 16 May 2017)
New Revision: 51674

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-05-16 09:10:13 UTC (rev 51673)
+++ data/CVE/list	2017-05-16 09:12:50 UTC (rev 51674)
@@ -197,9 +197,9 @@
 	[wheezy] - menu-cache <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://git.lxde.org/gitweb/?p=lxde/menu-cache.git;a=commitdiff;h=56f66684592abf257c4004e6e1fff041c64a12ce
 CVE-2017-8927 (Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause ...)
-	TODO: check
+	NOT-FOR-US: Larson VizEx Reader
 CVE-2017-8926 (Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: Halliburton LogView Pro
 CVE-2017-8925 (The omninet_open function in drivers/usb/serial/omninet.c in the Linux ...)
 	- linux 4.9.16-1 (low)
 	NOTE: Fixed by: https://git.kernel.org/linus/30572418b445d85fcfe6c8fe84c947d2606767d8
@@ -1506,7 +1506,7 @@
 CVE-2017-8383 (Craft CMS before 2.6.2976 does not properly restrict viewing the ...)
 	NOT-FOR-US: Craft CMS
 CVE-2017-8382 (admidio 3.2.8 has CSRF in ...)
-	TODO: check
+	NOT-FOR-US: admidio
 CVE-2017-8381
 	RESERVED
 CVE-2017-8380 [scsi: megasas: out-of-bounds read in  megasas_mmio_write]
@@ -2605,9 +2605,9 @@
 CVE-2017-7954
 	RESERVED
 CVE-2017-7953 (INFOR EAM V11.0 Build 201410 has XSS via comment fields. ...)
-	TODO: check
+	NOT-FOR-US: INFOR EAM
 CVE-2017-7952 (INFOR EAM V11.0 Build 201410 has SQL injection via search fields, ...)
-	TODO: check
+	NOT-FOR-US: INFOR EAM
 CVE-2017-7951 (WonderCMS before 2.0.3 has CSRF because of lack of a token in an ...)
 	NOT-FOR-US: WonderCMS
 CVE-2017-7950
@@ -21993,7 +21993,7 @@
 	[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: Request to mark the package as unsupported in #779104
 CVE-2016-9750 (IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9749
 	RESERVED
 CVE-2016-9748 (IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive ...)
@@ -22023,7 +22023,7 @@
 CVE-2016-9736
 	RESERVED
 CVE-2016-9735 (IBM Jazz Foundation could allow an authenticated user to obtain ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9734
 	RESERVED
 CVE-2016-9733
@@ -35851,7 +35851,7 @@
 CVE-2016-5980 (IBM TRIRIGA Application Platform is vulnerable to cross-site ...)
 	NOT-FOR-US: IBM
 CVE-2016-5979 (IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-5978 (Cross-site scripting (XSS) vulnerability in the Web UI in the web ...)
 	NOT-FOR-US: IBM
 CVE-2016-5977 (Open redirect vulnerability in the web portal in IBM Tealeaf Customer ...)

More information about the Secure-testing-commits mailing list