[Secure-testing-commits] r55570 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Sep 8 09:20:35 UTC 2017 

Author: jmm
Date: 2017-09-08 09:20:35 +0000 (Fri, 08 Sep 2017)
New Revision: 55570

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-08 09:17:52 UTC (rev 55569)
+++ data/CVE/list	2017-09-08 09:20:35 UTC (rev 55570)
@@ -85856,7 +85856,7 @@
 CVE-2015-3452
 	RESERVED
 CVE-2015-3450 (Heap-based buffer overflow in libaxl 0.6.9 allows attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: libaxl
 CVE-2015-3449 (The Windows client in SAP Afaria 7.0.6398.0 uses weak permissions ...)
 	NOT-FOR-US: SAP Afaria
 CVE-2015-3448 (REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and ...)
@@ -85889,7 +85889,7 @@
 CVE-2015-3443 (Cross-site scripting (XSS) vulnerability in the basic dashboard in ...)
 	NOT-FOR-US: Thycotic Secret Server
 CVE-2015-3442 (Soreco Xpert.Line 3.0 allows local users to spoof users and ...)
-	TODO: check
+	NOT-FOR-US: Soreco
 CVE-2015-3441 (The Parental Control panel in Genexis devices with DRGOS before 1.14.1 ...)
 	NOT-FOR-US: Genexis devices
 CVE-2015-3437
@@ -86639,7 +86639,7 @@
 	NOTE: https://git.samba.org/?p=samba.git;a=commit;h=bb1b783ee9d7259cfc6a1fe882f22189747f8684 (v4-1-stable)
 	NOTE: Samba update needs as well fixed ldb
 CVE-2015-3222 (syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows ...)
-	TODO: check
+	- ossec-hids <itp> (bug #361954)
 CVE-2015-3221 (OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 ...)
 	- neutron 2015.1.0+2015.06.24.git61.bdf194a0e1-1 (bug #789713)
 	[jessie] - neutron <not-affected> (ipset code introduced in Juno)
@@ -90298,7 +90298,7 @@
 CVE-2013-7429
 	RESERVED
 CVE-2013-7428 (The Googlemaps plugin before 3.1 for Joomla! allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Googlemaps plugin for Joomla!
 CVE-2015-2085
 	RESERVED
 CVE-2015-2084 (Cross-site request forgery (CSRF) vulnerability in the Easy Social ...)
@@ -95372,7 +95372,7 @@
 CVE-2014-9566 (Multiple SQL injection vulnerabilities in the Manage Accounts page in ...)
 	NOT-FOR-US: SolarWinds
 CVE-2014-9565 (Cross-site request forgery (CSRF) vulnerability in IBM Flex System ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-9564 (CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet ...)
 	NOT-FOR-US: IBM
 CVE-2014-9563

More information about the Secure-testing-commits mailing list