[Secure-testing-commits] r55347 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Sep 1 04:30:16 UTC 2017 

Author: carnil
Date: 2017-09-01 04:30:16 +0000 (Fri, 01 Sep 2017)
New Revision: 55347

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-01 04:11:42 UTC (rev 55346)
+++ data/CVE/list	2017-09-01 04:30:16 UTC (rev 55347)
@@ -1,7 +1,7 @@
 CVE-2017-14077
 	RESERVED
 CVE-2017-14076 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id ...)
-	TODO: check
+	NOT-FOR-US: NexusPHP
 CVE-2017-14075
 	RESERVED
 CVE-2017-14074
@@ -13,9 +13,9 @@
 CVE-2017-14071
 	RESERVED
 CVE-2017-14070 (Cross Site Scripting (XSS) exists in NexusPHP 1.5.beta5.20120707 via ...)
-	TODO: check
+	NOT-FOR-US: NexusPHP
 CVE-2017-14069 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw ...)
-	TODO: check
+	NOT-FOR-US: NexusPHP
 CVE-2017-14068
 	RESERVED
 CVE-2017-14067
@@ -921,7 +921,7 @@
 	[wheezy] - binutils <ignored> (Minor issue)
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0c54f69295208331faab9bc5e995111a35672f9b
 CVE-2017-13708 (Buffer overflow in the web server service in VX Search Enterprise ...)
-	TODO: check
+	NOT-FOR-US: VX Search Enterprise
 CVE-2017-13707 (Privilege escalation in Replibit Backup Manager earlier than version ...)
 	NOT-FOR-US: Replibit
 CVE-2017-13706
@@ -7804,7 +7804,7 @@
 CVE-2017-11159 (Multiple untrusted search path vulnerabilities in installer in ...)
 	NOT-FOR-US: Installer in Synology Photo Station Uploader
 CVE-2017-11158 (Multiple untrusted search path vulnerabilities in the installer in ...)
-	TODO: check
+	NOT-FOR-US: Synology Cloud Station Drive
 CVE-2017-11157 (Multiple untrusted search path vulnerabilities in the installer in ...)
 	NOT-FOR-US: Synology
 CVE-2017-11156 (Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before ...)
@@ -36010,19 +36010,19 @@
 CVE-2017-1451
 	RESERVED
 CVE-2017-1450 (IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1449 (IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1448 (IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could ...)
 	NOT-FOR-US: IBM
 CVE-2017-1447 (IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1446 (IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 is vulnerable to ...)
 	NOT-FOR-US: IBM
 CVE-2017-1445 (IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 is vulnerable to ...)
 	NOT-FOR-US: IBM
 CVE-2017-1444 (IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1443 (IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site ...)
 	NOT-FOR-US: IBM
 CVE-2017-1442 (IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site ...)

More information about the Secure-testing-commits mailing list