[Secure-testing-commits] r51987 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat May 27 09:51:53 UTC 2017
Author: carnil
Date: 2017-05-27 09:51:53 +0000 (Sat, 27 May 2017)
New Revision: 51987
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-27 09:42:44 UTC (rev 51986)
+++ data/CVE/list 2017-05-27 09:51:53 UTC (rev 51987)
@@ -3979,7 +3979,7 @@
CVE-2017-7732
RESERVED
CVE-2017-7731 (A weak password recovery vulnerability in Fortinet FortiPortal ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiPortal
CVE-2017-7730
RESERVED
CVE-2017-7729
@@ -5161,7 +5161,7 @@
CVE-2017-7344
RESERVED
CVE-2017-7343 (An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiPortal
CVE-2017-7342
RESERVED
CVE-2017-7341
@@ -5169,11 +5169,11 @@
CVE-2017-7340
RESERVED
CVE-2017-7339 (A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiPortal
CVE-2017-7338 (A password management vulnerability in Fortinet FortiPortal versions ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiPortal
CVE-2017-7337 (An improper Access Control vulnerability in Fortinet FortiPortal ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiPortal
CVE-2017-7336
RESERVED
CVE-2017-7335
@@ -10252,7 +10252,7 @@
NOTE: Fixed by: http://svn.apache.org/r1789155 (6.0.x)
NOTE: Fixed by: http://svn.apache.org/r1789856 (6.0.x)
CVE-2017-5646 (For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated ...)
- TODO: check
+ NOT-FOR-US: Apache Knox
CVE-2017-5645 (In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or ...)
- apache-log4j2 2.7-2 (bug #860489)
[jessie] - apache-log4j2 <no-dsa> (Minor issue, no consumers of liblog4j2-java in Jessie)
@@ -17645,7 +17645,7 @@
NOTE: https://kb.isc.org/article/AA-01453
NOTE: Patch for 9.9.9-P6: ftp://ftp.isc.org/isc/bind9/9.9.9-P6/patches/rt44434
CVE-2017-3134 (An escalation of privilege vulnerability in Fortinet FortiWLC-SD ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiWLC-SD
CVE-2017-3133
RESERVED
CVE-2017-3132
@@ -17655,13 +17655,13 @@
CVE-2017-3130
RESERVED
CVE-2017-3129 (A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiWeb
CVE-2017-3128 (A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2017-3127
RESERVED
CVE-2017-3126 (An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiAnalyzer
CVE-2017-3125 (An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and ...)
NOT-FOR-US: FortiMail
CVE-2017-3124
@@ -28225,9 +28225,9 @@
CVE-2016-8498
RESERVED
CVE-2016-8497 (An escalation of privilege vulnerability in Fortinet FortiClient ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiClient SSL_VPN Linux
CVE-2016-8496 (A potential execution of unauthorized code or commands vulnerability ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiClient SSL_VPN Linux
CVE-2016-8495 (An improper certificate validation vulnerability in Fortinet ...)
NOT-FOR-US: FortiManager
CVE-2016-8494 (Insufficient verification of uploaded files allows attackers with ...)
More information about the Secure-testing-commits
mailing list