[Secure-testing-commits] r57064 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sat Oct 28 10:03:03 UTC 2017


Author: jmm
Date: 2017-10-28 10:03:03 +0000 (Sat, 28 Oct 2017)
New Revision: 57064

Modified:
   data/CVE/list
Log:
NFUs
chromium n/a


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-28 10:00:01 UTC (rev 57063)
+++ data/CVE/list	2017-10-28 10:03:03 UTC (rev 57064)
@@ -4,15 +4,15 @@
 CVE-2017-15950
 	RESERVED
 CVE-2017-15949 (Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit ...)
-	TODO: check
+	NOT-FOR-US: Xavier PHP Management Panel
 CVE-2017-15948 (Perch Content Management System 3.0.3 allows unrestricted file upload ...)
-	TODO: check
+	NOT-FOR-US: Perch Content Management System
 CVE-2017-15947 (Simple ASC Content Management System v1.2 has XSS in the location field ...)
-	TODO: check
+	NOT-FOR-US: Simple ASC Content Management
 CVE-2017-15946 (In the com_tag component 1.7.6 for Joomla!, a SQL injection ...)
-	TODO: check
+	NOT-FOR-US: Joomla addon
 CVE-2017-15945 (The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, ...)
-	TODO: check
+	NOT-FOR-US: Gentoo installation scripts
 CVE-2017-15944
 	RESERVED
 CVE-2017-15943
@@ -803,9 +803,9 @@
 CVE-2017-15583 (The embedded web server on ABB Fox515T 1.0 devices is vulnerable to ...)
 	NOT-FOR-US: ABB Fox515T 1.0 devices
 CVE-2017-15582 (In net.MCrypt in the "Diary with lock" (aka WriteDiary) application ...)
-	TODO: check
+	NOT-FOR-US: Diary with lock
 CVE-2017-15581 (In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, ...)
-	TODO: check
+	NOT-FOR-US: Diary with lock
 CVE-2017-15580 (osTicket 1.10.1 provides a functionality to upload 'html' files with ...)
 	NOT-FOR-US: osTicket
 CVE-2017-15579 (In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an ...)
@@ -4694,7 +4694,7 @@
 CVE-2017-14183
 	RESERVED
 CVE-2017-14182 (A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2017-14180
 	RESERVED
 CVE-2017-14179
@@ -23635,7 +23635,7 @@
 CVE-2017-7734 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions ...)
 	NOT-FOR-US: Fortinet FortiOS
 CVE-2017-7733 (A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2017-7732 (A reflected Cross-Site Scripting (XSS) vulnerability in Fortinet ...)
 	NOT-FOR-US: Fortinet
 CVE-2017-7731 (A weak password recovery vulnerability in Fortinet FortiPortal ...)
@@ -28760,19 +28760,19 @@
 CVE-2017-6164
 	RESERVED
 CVE-2017-6163 (In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2017-6162 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2017-6161 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2017-6160 (In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2017-6159 (F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2017-6158
 	RESERVED
 CVE-2017-6157 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2017-6156
 	RESERVED
 CVE-2017-6155
@@ -32641,7 +32641,7 @@
 	- chromium-browser 60.0.3112.78-1
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5090 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to ...)
-	TODO: check
+	- chromium-browser <not-affected> (Chrome on Mac)
 CVE-2017-5089 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to ...)
 	{DSA-3926-1}
 	- chromium-browser 59.0.3071.104-1




More information about the Secure-testing-commits mailing list