[Secure-testing-commits] r57707 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Nov 17 09:33:04 UTC 2017 

Author: jmm
Date: 2017-11-17 09:33:04 +0000 (Fri, 17 Nov 2017)
New Revision: 57707

Modified:
   data/CVE/list
Log:
NFUs, some need further investigation with Mono maintainers


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-17 09:29:52 UTC (rev 57706)
+++ data/CVE/list	2017-11-17 09:33:04 UTC (rev 57707)
@@ -14297,7 +14297,7 @@
 CVE-2017-11884 (Microsoft Excel 2016 Click-to-Run (C2R) allows an attacker to run ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11883 (.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to ...)
-	TODO: check
+	TODO: check with Debian mono maintainers
 CVE-2017-11882 (Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11881
@@ -14305,7 +14305,7 @@
 CVE-2017-11880 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11879 (ASP.NET Core 2.0 allows an attacker to steal log-in session ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11878 (Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11877 (Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack ...)
@@ -14523,7 +14523,7 @@
 CVE-2017-11771 (The Microsoft Windows Search component on Microsoft Windows Server ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11770 (.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to ...)
-	TODO: check
+	TODO: check with Debian mono maintainers
 CVE-2017-11769 (The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11768 (Windows Media Player in Windows 7 SP1, Windows Server 2008 SP2 and R2 ...)
@@ -23880,7 +23880,7 @@
 CVE-2017-8701
 	RESERVED
 CVE-2017-8700 (ASP.NET Core 1.0, 1.1, and 2.0 allow an attacker to bypass ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-8699 (Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-8698

More information about the Secure-testing-commits mailing list