[Secure-testing-commits] r56715 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Oct 15 11:57:26 UTC 2017 

Author: carnil
Date: 2017-10-15 11:57:26 +0000 (Sun, 15 Oct 2017)
New Revision: 56715

Modified:
   data/CVE/list
Log:
Process some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-15 09:10:24 UTC (rev 56714)
+++ data/CVE/list	2017-10-15 11:57:26 UTC (rev 56715)
@@ -105,9 +105,9 @@
 CVE-2017-15306
 	RESERVED
 CVE-2017-15305 (XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php. ...)
-	TODO: check
+	NOT-FOR-US: NexusPHP
 CVE-2017-15304 (/bin/login.php in the Web Panel on the Airtame HDMI dongle with ...)
-	TODO: check
+	NOT-FOR-US:  Airtame HDMI dongle
 CVE-2017-15303
 	RESERVED
 CVE-2017-15302
@@ -115,7 +115,7 @@
 CVE-2017-15301
 	RESERVED
 CVE-2017-15300 (The miner statistics HTTP API in EWBF Cuda Zcash Miner Version 0.3.4b ...)
-	TODO: check
+	NOT-FOR-US: EWBF Cuda Zcash Miner
 CVE-2017-15299 (The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of ...)
 	- linux <unfixed>
 CVE-2017-15298 (Git through 2.14.2 mishandles layers of tree objects, which allows ...)
@@ -9813,7 +9813,7 @@
 CVE-2017-11802 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11801 (ChakraCore allows an attacker to execute arbitrary code in the context ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11800 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11799 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
@@ -9821,7 +9821,7 @@
 CVE-2017-11798 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11797 (ChakraCore allows an attacker to execute arbitrary code in the context ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-11796 (ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11795
@@ -9843,7 +9843,7 @@
 CVE-2017-11787
 	RESERVED
 CVE-2017-11786 (Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business ...)
-	TODO: check
+	NOT-FOR-US: Skype
 CVE-2017-11785 (The Microsoft Windows Kernel component on Microsoft Windows Server ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-11784 (The Microsoft Windows Kernel component on Microsoft Windows Server ...)

More information about the Secure-testing-commits mailing list