[Secure-testing-commits] r57179 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Oct 31 21:20:12 UTC 2017 

Author: carnil
Date: 2017-10-31 21:20:12 +0000 (Tue, 31 Oct 2017)
New Revision: 57179

Modified:
   data/CVE/list
Log:
Process NFU

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-31 21:14:30 UTC (rev 57178)
+++ data/CVE/list	2017-10-31 21:20:12 UTC (rev 57179)
@@ -30,7 +30,7 @@
 CVE-2017-16233
 	RESERVED
 CVE-2016-10699 (D-Link DSL-2740E 1.00_BG_20150720 devices are prone to persistent XSS ...)
-	TODO: check
+	NOT-FOR-US: D-Link devices
 CVE-2015-9245 (Insecure default configuration in Progress Software OpenEdge 10.2x and ...)
 	TODO: check
 CVE-2017-16232
@@ -1013,7 +1013,7 @@
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/363b02dab09b3226f3bd1420dad9c72b79a42a76 (v4.14-rc6)
 CVE-2017-15950 (Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a ...)
-	TODO: check
+	NOT-FOR-US: Flexense SyncBreeze
 CVE-2017-15949 (Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit ...)
 	NOT-FOR-US: Xavier PHP Management Panel
 CVE-2017-15948 (Perch Content Management System 3.0.3 allows unrestricted file upload ...)
@@ -5239,11 +5239,11 @@
 CVE-2017-14359
 	RESERVED
 CVE-2017-14358 (A URL redirection to untrusted site vulnerability in HP ArcSight ESM ...)
-	TODO: check
+	NOT-FOR-US: HP ArcSight
 CVE-2017-14357 (A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ...)
-	TODO: check
+	NOT-FOR-US: HP ArcSight
 CVE-2017-14356 (An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM ...)
-	TODO: check
+	NOT-FOR-US: HP ArcSight
 CVE-2017-14355
 	RESERVED
 CVE-2017-14354 (A remote cross-site scripting vulnerability in HP UCMDB Foundation ...)
@@ -5533,7 +5533,7 @@
 	- typo3-src <removed>
 	[wheezy] - typo3-src <end-of-life> (Not supported in Wheezy LTS)
 CVE-2017-14250 (In TP-LINK TL-WR741N / TL-WR741ND 150M Wireless Lite N Router with ...)
-	TODO: check
+	NOT-FOR-US: TP-LINK Router
 CVE-2017-14249 (ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in ...)
 	{DLA-1131-1}
 	- imagemagick <unfixed> (low; bug #876099)
@@ -15244,7 +15244,7 @@
 CVE-2017-10955 (** DISPUTED ** This vulnerability allows remote attackers to execute ...)
 	NOT-FOR-US: EMC
 CVE-2017-10954 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Bitdefender Internet Security Internet Security 2018
 CVE-2017-10953 (This vulnerability allows remote attackers to execute arbitrary code ...)
 	TODO: check
 CVE-2017-10952 (This vulnerability allows remote attackers to execute arbitrary code ...)
@@ -36298,9 +36298,9 @@
 CVE-2017-3935 (Network Data Loss Prevention is vulnerable to MIME type sniffing which ...)
 	TODO: check
 CVE-2017-3934 (Missing HTTP Strict Transport Security state information vulnerability ...)
-	TODO: check
+	NOT-FOR-US: McAfee Network Data Loss Prevention
 CVE-2017-3933 (Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network ...)
-	TODO: check
+	NOT-FOR-US: McAfee Network Data Loss Prevention
 CVE-2017-3932
 	RESERVED
 CVE-2017-3931
@@ -48018,7 +48018,7 @@
 CVE-2016-9098
 	REJECTED
 CVE-2016-9097 (The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2016-9096
 	REJECTED
 CVE-2016-9095

More information about the Secure-testing-commits mailing list