[Secure-testing-commits] r56929 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Oct 23 21:20:38 UTC 2017 

Author: jmm
Date: 2017-10-23 21:20:38 +0000 (Mon, 23 Oct 2017)
New Revision: 56929

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-23 21:10:17 UTC (rev 56928)
+++ data/CVE/list	2017-10-23 21:20:38 UTC (rev 56929)
@@ -1,13 +1,13 @@
 CVE-2017-15812 (The Easy Appointments plugin before 1.12.0 for WordPress has XSS via a ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2017-15811 (The Pootle Button plugin before 1.2.0 for WordPress has XSS via the ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2017-15810 (The PopCash.Net Code Integration Tool plugin before 1.1 for WordPress ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2017-15809 (In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a ...)
-	TODO: check
+	NOT-FOR-US: phpMyFaq
 CVE-2017-15808 (In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php. ...)
-	TODO: check
+	NOT-FOR-US: phpMyFaq
 CVE-2017-15807
 	RESERVED
 CVE-2017-15806
@@ -5353,7 +5353,7 @@
 CVE-2017-13773
 	RESERVED
 CVE-2017-13772 (Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2017-13771 (Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network ...)
 	NOT-FOR-US: Lexmark Scan To Network
 CVE-2017-13770
@@ -5786,9 +5786,9 @@
 CVE-2017-13684 (Unisys Libra 64xx and 84xx and FS601 class systems with MCP-FIRMWARE ...)
 	NOT-FOR-US: Unisys Libra
 CVE-2017-13683 (In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2017-13682 (In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2017-13681
 	RESERVED
 CVE-2017-13680
@@ -81365,7 +81365,7 @@
 	NOTE: https://plus.google.com/+OpenVZorg/posts/gidyrouNi7D
 	NOTE: https://wiki.openvz.org/Download/vzctl/4.9.4
 CVE-2015-6839 (The parse function in MSA vot.Ar 3.1 does not check whether a ...)
-	TODO: check
+	NOT-FOR-US: MSA vot.Ar
 CVE-2015-6829 (Multiple SQL injection vulnerabilities in the getip function in ...)
 	NOT-FOR-US: getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin for WordPress
 CVE-2015-6828 (The tweet_info function in class/__functions.php in the SecureMoz ...)
@@ -92564,7 +92564,7 @@
 CVE-2015-2879
 	RESERVED
 CVE-2015-2878 (Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis ...)
-	TODO: check
+	NOT-FOR-US: Hexis HawkEye
 CVE-2015-2877 (** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux kernel ...)
 	- linux <unfixed> (unimportant)
 	- linux-2.6 <removed> (unimportant)
@@ -116514,14 +116514,14 @@
 CVE-2014-3745
 	RESERVED
 CVE-2014-3744 (Directory traversal vulnerability in the st module before 0.2.5 for ...)
-	TODO: check
+	NOT-FOR-US: Node st module
 CVE-2014-3743
 	RESERVED
 	- node-marked 0.3.1+dfsg-1
 CVE-2014-3742 (The hapi server framework 2.0.x and 2.1.x before 2.2.0 for Node.js ...)
 	NOT-FOR-US: hapi framework for Node.js
 CVE-2014-3741 (The printDirect function in lib/printer.js in the node-printer module ...)
-	TODO: check
+	NOT-FOR-US: node-printer
 CVE-2014-3740 (Cross-site scripting (XSS) vulnerability in SpiceWorks before ...)
 	NOT-FOR-US: SpiceWorks
 CVE-2014-3737 (Cross-site scripting (XSS) vulnerability in ...)
@@ -117594,7 +117594,7 @@
 CVE-2013-7378
 	RESERVED
 CVE-2013-7377 (The codem-transcode module before 0.5.0 for Node.js, when ffprobe is ...)
-	TODO: check
+	NOT-FOR-US: codem-transcode Node module
 CVE-2013-7376 (Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX ...)
 	NOT-FOR-US: OpenX
 CVE-2014-3800 (XBMC 13.0 uses world-readable permissions for ...)
@@ -185576,7 +185576,7 @@
 	- tiff3 <not-affected> (fixed prior to initial upload)
 	[lenny] - tiff <not-affected> (Only affects 3.9.x)
 CVE-2010-2232 (In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export ...)
-	TODO: check
+	NOT-FOR-US: Apache Derby
 CVE-2010-2231 (Cross-site request forgery (CSRF) vulnerability in ...)
 	{DSA-2115-1}
 	- moodle 1.9.9-1 (bug #586280)

More information about the Secure-testing-commits mailing list