[Secure-testing-commits] r56305 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sun Oct 1 07:48:43 UTC 2017
Author: jmm
Date: 2017-10-01 07:48:43 +0000 (Sun, 01 Oct 2017)
New Revision: 56305
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-01 07:45:36 UTC (rev 56304)
+++ data/CVE/list 2017-10-01 07:48:43 UTC (rev 56305)
@@ -2588,7 +2588,8 @@
CVE-2017-14002
RESERVED
CVE-2017-14001 (An Improper Neutralization of Special Elements used in an OS Command ...)
- TODO: check
+ NOT-FOR-US: Asterisk GUI
+ NOTE: Different from standard asterisk: https://wiki.asterisk.org/wiki/display/AST/Asterisk+GUI
CVE-2017-14000
RESERVED
CVE-2017-13999
@@ -3474,7 +3475,7 @@
NOTE: http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html
NOTE: Crash in the command-line shell program, not the the core SQLite library.
CVE-2017-13684 (Unisys Libra 64xx and 84xx and FS601 class systems with MCP-FIRMWARE ...)
- TODO: check
+ NOT-FOR-US: Unisys Libra
CVE-2017-13683
RESERVED
CVE-2017-13682
@@ -5279,7 +5280,7 @@
CVE-2017-12906 (Multiple cross-site scripting (XSS) vulnerabilities in NexusPHP allow ...)
NOT-FOR-US: NexusPHP
CVE-2017-12905 (Server Side Request Forgery vulnerability in Vebto Pixie Image Editor ...)
- TODO: check
+ NOT-FOR-US: Vebto Pixie Image Editor
CVE-2017-12904 (Improper Neutralization of Special Elements used in an OS Command in ...)
{DSA-3947-1 DLA-1061-1}
- newsbeuter 2.9-6
More information about the Secure-testing-commits
mailing list