[Secure-testing-commits] r56790 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Oct 17 21:21:27 UTC 2017


Author: jmm
Date: 2017-10-17 21:21:27 +0000 (Tue, 17 Oct 2017)
New Revision: 56790

Modified:
   data/CVE/list
Log:
NFUs
two potential jasperreports issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-17 21:15:35 UTC (rev 56789)
+++ data/CVE/list	2017-10-17 21:21:27 UTC (rev 56790)
@@ -1,5 +1,5 @@
 CVE-2017-15538 (Stored XSS vulnerability in the Media Objects component of ILIAS before ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2017-15536
 	RESERVED
 CVE-2017-15535
@@ -27228,7 +27228,7 @@
 CVE-2017-6274
 	RESERVED
 CVE-2017-6273 (NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA ADSP Firmware
 CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
 	[experimental] - nvidia-graphics-drivers 384.90-1
 	- nvidia-graphics-drivers <unfixed> (bug #876414)
@@ -29584,13 +29584,13 @@
 CVE-2017-5532
 	RESERVED
 CVE-2017-5531 (Deployments of TIBCO Managed File Transfer Command Center versions ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2017-5530
 	RESERVED
 CVE-2017-5529 (JasperReports library components contain an information disclosure ...)
-	NOT-FOR-US: JasperReports
+	- jasperreports <undetermined>
 CVE-2017-5528 (Multiple JasperReports Server components contain vulnerabilities ...)
-	NOT-FOR-US: JasperReports
+	- jasperreports <undetermined>
 CVE-2017-5527 (TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x ...)
 	NOT-FOR-US: TIBCO Spotfire Server
 CVE-2016-10162 (The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x ...)
@@ -34525,13 +34525,13 @@
 CVE-2017-3762
 	RESERVED
 CVE-2017-3761 (The Lenovo Service Framework Android application executes some system ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3760 (The Lenovo Service Framework Android application uses a set of ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3759 (The Lenovo Service Framework Android application accepts some ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3758 (Improper access controls on several Android components in the Lenovo ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3757 (An unquoted service path vulnerability was identified in the driver ...)
 	NOT-FOR-US: Lenovo
 CVE-2017-3756 (A privilege escalation vulnerability was identified in Lenovo Active ...)
@@ -43651,7 +43651,7 @@
 CVE-2017-0317 (All versions of NVIDIA GPU and GeForce Experience installer contain a ...)
 	NOT-FOR-US: NVIDIA drivers for Windows
 CVE-2017-0316 (In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA Installer Framework
 CVE-2017-0315 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
 	NOT-FOR-US: NVIDIA drivers for Windows
 CVE-2017-0314 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
@@ -77876,7 +77876,7 @@
 CVE-2015-7807
 	RESERVED
 CVE-2015-7806 (Eval injection vulnerability in the fm_saveHelperGatherItems function ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2015-7805 (Heap-based buffer overflow in libsndfile 1.0.25 allows remote ...)
 	{DLA-928-1 DLA-356-1}
 	- libsndfile 1.0.25-10 (bug #804445)
@@ -93723,7 +93723,7 @@
 	NOTE: http://article.gmane.org/gmane.comp.security.oss.general/15022
 	NOTE: https://www.mantisbt.org/bugs/view.php?id=19493
 CVE-2014-9697 (Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2014-9696 (The Hyper Module Management (HMM) software of Huawei Tecal E9000 ...)
 	NOT-FOR-US: Huawei
 CVE-2014-9695 (The Hyper Module Management (HMM) software of Huawei Tecal E9000 ...)




More information about the Secure-testing-commits mailing list