[Secure-testing-commits] r56860 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Oct 19 09:35:08 UTC 2017 

Author: carnil
Date: 2017-10-19 09:35:08 +0000 (Thu, 19 Oct 2017)
New Revision: 56860

Modified:
   data/CVE/list
Log:
Process some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-19 09:24:42 UTC (rev 56859)
+++ data/CVE/list	2017-10-19 09:35:08 UTC (rev 56860)
@@ -9359,23 +9359,23 @@
 CVE-2017-12302
 	RESERVED
 CVE-2017-12301 (A vulnerability in the Python scripting subsystem of Cisco NX-OS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12300
 	RESERVED
 CVE-2017-12299
 	RESERVED
 CVE-2017-12298 (A vulnerability in Cisco WebEx Meeting Center could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12297
 	RESERVED
 CVE-2017-12296 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12295
 	RESERVED
 CVE-2017-12294
 	RESERVED
 CVE-2017-12293 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12292
 	RESERVED
 CVE-2017-12291
@@ -9383,17 +9383,17 @@
 CVE-2017-12290
 	RESERVED
 CVE-2017-12289 (A vulnerability in conditional, verbose debug logging for the IPsec ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12288 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12287 (A vulnerability in the cluster database (CDB) management component of ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12286 (A vulnerability in the web interface of Cisco Jabber could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12285 (A vulnerability in the web interface of Cisco Network Analysis Module ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12284 (A vulnerability in the web interface of Cisco Jabber for Windows Client ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12283
 	RESERVED
 CVE-2017-12282
@@ -9417,9 +9417,9 @@
 CVE-2017-12273
 	RESERVED
 CVE-2017-12272 (A vulnerability in the web framework code of Cisco IOS XE Software ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12271 (A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12270 (A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12269 (A vulnerability in the web UI of Cisco Spark Messaging Software could ...)
@@ -9441,9 +9441,9 @@
 CVE-2017-12261
 	RESERVED
 CVE-2017-12260 (A vulnerability in the implementation of Session Initiation Protocol ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12259 (A vulnerability in the implementation of Session Initiation Protocol ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12258 (A vulnerability in the web-based UI of Cisco Unified Communications ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12257 (A vulnerability in the web framework of Cisco WebEx Meetings Server ...)
@@ -9459,7 +9459,7 @@
 CVE-2017-12252 (A vulnerability in the Cisco FindIT Network Discovery Utility could ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12251 (A vulnerability in the web console of the Cisco Cloud Services Platform ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12250 (A vulnerability in the HTTP web interface for Cisco Wide Area ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12249 (A vulnerability in the Traversal Using Relay NAT (TURN) server included ...)
@@ -34693,7 +34693,7 @@
 CVE-2017-3884 (A vulnerability in the web interface of Cisco Prime Infrastructure and ...)
 	NOT-FOR-US: Cisco
 CVE-2017-3883 (A vulnerability in the authentication, authorization, and accounting ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3882 (A vulnerability in the Universal Plug-and-Play (UPnP) implementation in ...)
 	NOT-FOR-US: Cisco
 CVE-2017-3881 (A vulnerability in the Cisco Cluster Management Protocol (CMP) ...)
@@ -84820,7 +84820,7 @@
 	[jessie] - elasticsearch <end-of-life> (No longer supported, see DSA 3389)
 	NOTE: https://www.elastic.co/blog/elasticsearch-1-7-0-and-1-6-1-released#security
 CVE-2015-5376 (SQL injection vulnerability in the login form in GSI WiNPAT Portal ...)
-	TODO: check
+	NOT-FOR-US: GSI WiNPAT Portal
 CVE-2015-5375 (Cross-site scripting (XSS) vulnerability in unspecified dialogs for ...)
 	NOT-FOR-US: Open-Xchange
 CVE-2015-5374 (The EN100 module with firmware before 4.25 for Siemens SIPROTEC 4 and ...)
@@ -85485,7 +85485,7 @@
 	- criu 1.8-2 (bug #797111)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1255782
 CVE-2015-5227 (The Landing Pages plugin before 1.9.2 for WordPress allows remote ...)
-	TODO: check
+	NOT-FOR-US: Landing Pages plugin for WordPress
 CVE-2015-5226
 	REJECTED
 CVE-2015-5225 (Buffer overflow in the vnc_refresh_server_surface function in the VNC ...)

More information about the Secure-testing-commits mailing list