[Secure-testing-commits] r57667 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Nov 15 21:18:11 UTC 2017 

Author: carnil
Date: 2017-11-15 21:18:11 +0000 (Wed, 15 Nov 2017)
New Revision: 57667

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-15 21:10:20 UTC (rev 57666)
+++ data/CVE/list	2017-11-15 21:18:11 UTC (rev 57667)
@@ -4118,13 +4118,13 @@
 	- mahara <removed>
 	NOTE: https://mahara.org/interaction/forum/topic.php?id=8081
 CVE-2017-15272 (The PSFTPd 10.0.4 Build 729 server stores its configuration inside ...)
-	TODO: check
+	NOT-FOR-US: PSFTPd
 CVE-2017-15271 (A use-after-free issue could be triggered remotely in the SFTP ...)
-	TODO: check
+	NOT-FOR-US: PSFTPd
 CVE-2017-15270 (The PSFTPd 10.0.4 Build 729 server does not properly escape data ...)
-	TODO: check
+	NOT-FOR-US: PSFTPd
 CVE-2017-15269 (The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans ...)
-	TODO: check
+	NOT-FOR-US: PSFTPd
 CVE-2017-15268 (Qemu through 2.10.0 allows remote attackers to cause a memory leak by ...)
 	- qemu <unfixed> (bug #880836)
 	[stretch] - qemu <no-dsa> (Minor issue)
@@ -5105,7 +5105,7 @@
 CVE-2017-14962
 	RESERVED
 CVE-2017-14961 (In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an ...)
-	TODO: check
+	NOT-FOR-US: IKARUS anti.virus
 CVE-2017-14960
 	RESERVED
 CVE-2017-14959
@@ -12031,9 +12031,9 @@
 	- couchdb <removed>
 	NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6
 CVE-2017-12634 (The camel-castor component in Apache Camel 2.x before 2.19.4 and ...)
-	TODO: check
+	NOT-FOR-US: Apache Camel
 CVE-2017-12633 (The camel-hessian component in Apache Camel 2.x before 2.19.4 and ...)
-	TODO: check
+	NOT-FOR-US: Apache Camel
 CVE-2017-12632
 	RESERVED
 CVE-2017-12631
@@ -14007,29 +14007,29 @@
 CVE-2017-11850 (Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11849 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11848 (Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11847 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11846 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11845 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11844 (Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11843 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11842 (Windows kernel in Windows 8.1 and RT 8.1, Server 2012 and R2, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11841 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11840 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11839 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11838 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11837 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
 	TODO: check
 CVE-2017-11836 (ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
@@ -21300,11 +21300,11 @@
 	[wheezy] - qemu-kvm <no-dsa> (Minor issue)
 	NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d68f0f778e7f4fbd674627274267f269e40f0b04
 CVE-2017-9371 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 ...)
-	TODO: check
+	NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
 CVE-2017-9370 (An information disclosure / elevation of privilege vulnerability in ...)
 	NOT-FOR-US: BlackBerry
 CVE-2017-9369 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 ...)
-	TODO: check
+	NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
 CVE-2017-9368 (An information disclosure vulnerability in the BlackBerry Workspaces ...)
 	NOT-FOR-US: BlackBerry Workspaces Server
 CVE-2017-9367 (A directory traversal vulnerability in the BlackBerry Workspaces ...)
@@ -38374,11 +38374,11 @@
 CVE-2017-3894 (A stored cross site scripting vulnerability in the Management Console ...)
 	NOT-FOR-US: BlackBerry
 CVE-2017-3893 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the ...)
-	TODO: check
+	NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
 CVE-2017-3892 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an ...)
-	TODO: check
+	NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
 CVE-2017-3891 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an ...)
-	TODO: check
+	NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
 CVE-2017-3890 (A reflected cross-site scripting vulnerability in the BlackBerry ...)
 	NOT-FOR-US: BlackBerry
 CVE-2017-3889 (A vulnerability in the web interface of the Cisco Registered Envelope ...)

More information about the Secure-testing-commits mailing list