[Secure-testing-commits] r57220 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Nov 1 22:07:09 UTC 2017 

Author: jmm
Date: 2017-11-01 22:07:09 +0000 (Wed, 01 Nov 2017)
New Revision: 57220

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-01 21:52:57 UTC (rev 57219)
+++ data/CVE/list	2017-11-01 22:07:09 UTC (rev 57220)
@@ -331,11 +331,11 @@
 	NOTE: https://github.com/pluxml/PluXml/issues/253
 	TODO: check
 CVE-2017-1000244 (Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2017-1000243 (Jenkins Favorite Plugin 2.1.4 and older does not perform permission ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2017-1000242 (Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2017-16351
 	RESERVED
 CVE-2017-16350
@@ -589,7 +589,7 @@
 CVE-2016-10699 (D-Link DSL-2740E 1.00_BG_20150720 devices are prone to persistent XSS ...)
 	NOT-FOR-US: D-Link devices
 CVE-2015-9245 (Insecure default configuration in Progress Software OpenEdge 10.2x and ...)
-	TODO: check
+	NOT-FOR-US: Progress Software OpenEdge
 CVE-2017-16232 [memory-based DoS in tiff2bw]
 	RESERVED
 	- tiff <unfixed> (low)
@@ -1654,11 +1654,11 @@
 	NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html
 	NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=d4d488b0e5ab13dda241d688d87a07816368f117
 CVE-2017-15921 (In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro ...)
-	TODO: check
+	NOT-FOR-US: Watchdog Anti-Malware
 CVE-2017-15920 (In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro ...)
-	TODO: check
+	NOT-FOR-US: Watchdog Anti-Malware
 CVE-2017-15918 (Sera 1.2 stores the user's login password in plain text in their home ...)
-	TODO: check
+	NOT-FOR-US: Sera
 CVE-2017-15917 (In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create ...)
 	NOT-FOR-US: Paessler PRTG Network Monitor
 CVE-2017-15908 (In systemd 223 through 235, a remote DNS server can respond with a ...)
@@ -1730,7 +1730,7 @@
 CVE-2017-15889
 	RESERVED
 CVE-2017-15888 (Cross-site scripting (XSS) vulnerability in Custom Internet Radio List ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2017-15887
 	RESERVED
 CVE-2017-15886
@@ -1738,7 +1738,7 @@
 CVE-2017-15885 (Reflected XSS in the web administration portal on the Axis 2100 Network ...)
 	NOT-FOR-US: Axis
 CVE-2017-15884 (In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
 CVE-2017-15883
 	RESERVED
 CVE-2017-15882 (The London Trust Media Private Internet Access (PIA) application before ...)
@@ -6847,7 +6847,7 @@
 CVE-2017-14028
 	RESERVED
 CVE-2017-14027 (A Use of Hard-coded Credentials issue was discovered in Korenix JetNet ...)
-	TODO: check
+	NOT-FOR-US: Korenix
 CVE-2017-14026
 	RESERVED
 CVE-2017-14025
@@ -6859,7 +6859,7 @@
 CVE-2017-14022
 	RESERVED
 CVE-2017-14021 (A Use of Hard-coded Cryptographic Key issue was discovered in Korenix ...)
-	TODO: check
+	NOT-FOR-US: Korenix
 CVE-2017-14020
 	RESERVED
 CVE-2017-14019 (An Unquoted Search Path or Element issue was discovered in Progea ...)
@@ -15833,7 +15833,7 @@
 CVE-2017-10954 (This vulnerability allows remote attackers to execute arbitrary code ...)
 	NOT-FOR-US: Bitdefender Internet Security Internet Security 2018
 CVE-2017-10953 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2017-10952 (This vulnerability allows remote attackers to execute arbitrary code ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2017-10951 (This vulnerability allows remote attackers to execute arbitrary code ...)
@@ -15843,23 +15843,23 @@
 CVE-2017-10949 (Directory Traversal in Dell Storage Manager 2016 R2.1 causes ...)
 	NOT-FOR-US: Dell Storage Manager
 CVE-2017-10948 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2017-10947 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2017-10946 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2017-10945 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2017-10944 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2017-10943 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2017-10942 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2017-10941 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2017-10940 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Joyent
 CVE-2017-10939
 	RESERVED
 CVE-2017-10938
@@ -151805,9 +151805,9 @@
 	NOTE: http://technet.microsoft.com/en-us/security/msvr/msvr12-017
 	NOTE: upstream needs a proper sample to reproduce the issue
 CVE-2012-5358 (The XSLTCompiledTransform function in Ektron Content Management System ...)
-	TODO: check
+	NOT-FOR-US: Ektron Content Management System
 CVE-2012-5357 (Ektron Content Management System (CMS) before 8.02 SP5 uses the ...)
-	TODO: check
+	NOT-FOR-US: Ektron Content Management System
 CVE-2012-5356 (The apt-add-repository tool in Ubuntu Software Properties 0.75.x ...)
 	NOT-FOR-US: apt-add-repository
 CVE-2012-5355 (welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to ...)

More information about the Secure-testing-commits mailing list