[Secure-testing-commits] r55375 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Sep 1 21:31:12 UTC 2017 

Author: carnil
Date: 2017-09-01 21:31:12 +0000 (Fri, 01 Sep 2017)
New Revision: 55375

Modified:
   data/CVE/list
Log:
Process some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-01 21:17:13 UTC (rev 55374)
+++ data/CVE/list	2017-09-01 21:31:12 UTC (rev 55375)
@@ -1122,7 +1122,7 @@
 CVE-2017-13675
 	RESERVED
 CVE-2017-13674 (Symantec ProxyClient 3.4 for Windows is susceptible to a privilege ...)
-	TODO: check
+	NOT-FOR-US: Symantec ProxyClient
 CVE-2017-13673 (The vga display update in Qemu 2.8.0 through 2.9.0 mis-calculated the ...)
 	- qemu <unfixed>
 	- qemu-kvm <removed>
@@ -8946,13 +8946,13 @@
 CVE-2017-10852
 	RESERVED
 CVE-2017-10851 (Untrusted search path vulnerability in Installer for ContentsBridge ...)
-	TODO: check
+	NOT-FOR-US: Installer for ContentsBridge Utility for Windows
 CVE-2017-10850 (Untrusted search path vulnerability in Installers of ART EX Driver for ...)
-	TODO: check
+	NOT-FOR-US: Various installer for Drivers for ApeosPort-VI and DocuCentre-VI products
 CVE-2017-10849 (Untrusted search path vulnerability in Self-extracting document ...)
-	TODO: check
+	NOT-FOR-US: DocuWorks
 CVE-2017-10848 (Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 ...)
-	TODO: check
+	NOT-FOR-US: Installers for DocuWorks
 CVE-2017-10847
 	RESERVED
 CVE-2017-10846
@@ -8990,7 +8990,7 @@
 CVE-2017-10830 (Untrusted search path vulnerability in Security Setup Tool all ...)
 	NOT-FOR-US: Security Setup Tool
 CVE-2017-10829 (Untrusted search path vulnerability in Remote Support Tool (Enkaku ...)
-	TODO: check
+	NOT-FOR-US: Remote Support Tool (Enkaku Support Tool)
 CVE-2017-10828 (Untrusted search path vulnerability in Flets Install Tool all versions ...)
 	NOT-FOR-US: Flets Install Tool
 CVE-2017-10827 (Untrusted search path vulnerability in Flets Azukeru for Windows Auto ...)
@@ -29465,9 +29465,9 @@
 CVE-2017-3899 (SQL injection vulnerability in Intel Security Advanced Threat Defense ...)
 	NOT-FOR-US: Intel antivirus
 CVE-2017-3898 (A man-in-the-middle attack vulnerability in the non-certificate-based ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2017-3897 (A Code Injection vulnerability in the non-certificate-based ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2017-3896 (Unvalidated parameter vulnerability in the remote log viewing ...)
 	NOT-FOR-US: Intel McAfee
 CVE-2017-3895
@@ -51616,7 +51616,7 @@
 CVE-2016-5796 (An issue was discovered in Fatek Automation PM Designer V3 Version ...)
 	NOT-FOR-US: Fatek Automation PM Designer
 CVE-2016-5795 (An XXE issue was discovered in Automated Logic Corporation (ALC) ...)
-	TODO: check
+	NOT-FOR-US: Automated Logic Corporation (ALC)
 CVE-2016-5794
 	REJECTED
 CVE-2016-5793 (Unquoted Windows search path vulnerability in Moxa Active OPC Server ...)
@@ -68941,7 +68941,7 @@
 	NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
 	NOTE: Fixed in 6.0.45, 7.0.68, 8.0.32, 9.0.0.M3
 CVE-2016-0713 (Gorouter in Cloud Foundry cf-release v141 through v228 allows ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2016-0712 (Cross-site scripting (XSS) vulnerability in Apache Jetspeed before ...)
 	NOT-FOR-US: Apache Jetspeed
 CVE-2016-0711 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Jetspeed ...)
@@ -73299,7 +73299,7 @@
 CVE-2015-7748 (Juniper chassis with Trio (Trinity) chipset line cards and Junos OS ...)
 	NOT-FOR-US: Juniper
 CVE-2015-7746 (NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows ...)
-	TODO: check
+	NOT-FOR-US: NetApp
 CVE-2015-7745
 	RESERVED
 CVE-2015-7744 (wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults ...)
@@ -73381,7 +73381,7 @@
 CVE-2015-7712 (Multiple eval injection vulnerabilities in ...)
 	NOT-FOR-US: ATutor
 CVE-2015-7711 (Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor ...)
-	TODO: check
+	NOT-FOR-US: ATutor
 CVE-2015-7710
 	RESERVED
 CVE-2015-7709 (The arkeiad daemon in the Arkeia Backup Agent in Western Digital ...)
@@ -98726,11 +98726,11 @@
 CVE-2014-8678 (The ConfigSaveServlet servlet in ManageEngine OpUtils before build ...)
 	NOT-FOR-US: ManageEngine OpUtils
 CVE-2014-8677 (The installation process for SOPlanning 1.32 and earlier allows remote ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2014-8676 (Directory traversal vulnerability in the file_get_contents function in ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2014-8675 (Soplanning 1.32 and earlier generates static links for sharing ICAL ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2014-8674
 	RESERVED
 CVE-2014-8673

More information about the Secure-testing-commits mailing list