[Secure-testing-commits] r51887 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue May 23 17:11:37 UTC 2017 

Author: jmm
Date: 2017-05-23 17:11:37 +0000 (Tue, 23 May 2017)
New Revision: 51887

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-05-23 17:06:26 UTC (rev 51886)
+++ data/CVE/list	2017-05-23 17:11:37 UTC (rev 51887)
@@ -754,11 +754,11 @@
 CVE-2017-8916
 	RESERVED
 CVE-2017-8915 (sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2017-8914 (sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2017-8913 (The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2017-8912 (** DISPUTED ** CMS Made Simple (CMSMS) 2.1.6 allows remote ...)
 	NOT-FOR-US: CMS Made Simple
 CVE-2017-8911 (An integer underflow has been identified in the unicode_to_utf8() ...)
@@ -5161,7 +5161,7 @@
 CVE-2017-7289
 	RESERVED
 CVE-2017-7288 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2017-7287
 	RESERVED
 CVE-2017-7286
@@ -6602,7 +6602,7 @@
 CVE-2017-6822
 	RESERVED
 CVE-2017-6821 (Directory traversal vulnerability in Zimbra Collaboration Suite (aka ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2017-6820 (rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is ...)
 	{DLA-855-1}
 	- roundcube 1.2.3+dfsg.1-3 (bug #857473)
@@ -6611,7 +6611,7 @@
 	NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-124
 	NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.1.8
 CVE-2017-6813 (A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2017-6812 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
 	NOT-FOR-US: MaNGOSWebV4
 CVE-2017-6811 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
@@ -9041,9 +9041,9 @@
 	- linux 4.9.13-1 (low)
 	[jessie] - linux 3.16.43-1
 CVE-2017-5966 (Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators ...)
-	TODO: check
+	NOT-FOR-US: Sitecore
 CVE-2017-5965 (The package manager in Sitecore CRM 8.1 Rev 151207 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Sitecore
 CVE-2017-5964 (An issue was discovered in Emoncms through 9.8.0. The vulnerability ...)
 	NOT-FOR-US: Emoncms
 CVE-2017-5963 (An issue was discovered in caddy (for TYPO3) before 7.2.10. The ...)

More information about the Secure-testing-commits mailing list