[Secure-testing-commits] r57804 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Nov 18 22:38:25 UTC 2017


Author: carnil
Date: 2017-11-18 22:38:25 +0000 (Sat, 18 Nov 2017)
New Revision: 57804

Modified:
   data/CVE/list
Log:
Mark CVE-2017-16881 as NFU

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-18 22:37:15 UTC (rev 57803)
+++ data/CVE/list	2017-11-18 22:38:25 UTC (rev 57804)
@@ -8,7 +8,7 @@
 	NOTE: But Debian does not install the binaries nor configuration files as
 	NOTE: respective icinga user.
 CVE-2017-16881 (b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON ...)
-	TODO: check
+	NOT-FOR-US: b3log Symphony
 CVE-2017-16880 (The dump function in Util/TemplateHelper.php in filp whoops before ...)
 	NOT-FOR-US: filp whoops
 CVE-2017-1000230 (The Snap7 Server version 1.4.1 can be crashed when the ItemCount field ...)




More information about the Secure-testing-commits mailing list