[Secure-testing-commits] r55668 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Sep 11 21:49:01 UTC 2017 

Author: jmm
Date: 2017-09-11 21:49:01 +0000 (Mon, 11 Sep 2017)
New Revision: 55668

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-11 21:46:39 UTC (rev 55667)
+++ data/CVE/list	2017-09-11 21:49:01 UTC (rev 55668)
@@ -410,7 +410,7 @@
 CVE-2017-14154
 	RESERVED
 CVE-2017-14153 (This vulnerability allows local attackers to escalate privileges on ...)
-	TODO: check
+	NOT-FOR-US: Jungo WinDriver
 CVE-2017-14164 (A size-validation issue was discovered in opj_j2k_write_sot in ...)
 	- openjpeg2 <not-affected> (Incomplete fix for CVE-2017-14152 not applied)
 CVE-2017-14152 (A mishandled zero case was discovered in opj_j2k_set_cinema_parameters ...)
@@ -658,7 +658,7 @@
 CVE-2017-14076 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id ...)
 	NOT-FOR-US: NexusPHP
 CVE-2017-14075 (This vulnerability allows local attackers to escalate privileges on ...)
-	TODO: check
+	NOT-FOR-US: Jungo WinDriver
 CVE-2017-14074
 	RESERVED
 CVE-2017-14073
@@ -18933,7 +18933,7 @@
 	NOTE: http://mosquitto.org/2017/05/security-advisory-cve-2017-7650/
 	NOTE: Patches: https://mosquitto.org/files/cve/2017-7650/
 CVE-2017-7649 (The network enabled distribution of Kura before 2.1.0 takes control ...)
-	TODO: check
+	NOT-FOR-US: Kura
 CVE-2017-7648 (Foscam networked devices use the same hardcoded SSL private key across ...)
 	NOT-FOR-US: Foscam
 CVE-2017-7647 (SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an ...)
@@ -72278,7 +72278,7 @@
 CVE-2015-8350 (Multiple cross-site scripting (XSS) vulnerabilities in the Calls to ...)
 	NOT-FOR-US: WordPress plugin cta
 CVE-2015-8349 (Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 ...)
-	TODO: check
+	NOT-FOR-US: SourceBeans
 CVE-2015-8348
 	RESERVED
 CVE-2015-8347
@@ -81716,7 +81716,7 @@
 CVE-2015-5055
 	RESERVED
 CVE-2015-5054 (Open redirect vulnerability in Ellucian (formerly SunGard) Banner ...)
-	TODO: check
+	NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
 CVE-2015-5053 (The host memory mapping path feature in the NVIDIA GPU graphics driver ...)
 	- nvidia-graphics-drivers 352.41-1
 	[jessie] - nvidia-graphics-drivers <not-affected> (Only affects R352 and R346 Linux branches)
@@ -82675,11 +82675,11 @@
 CVE-2015-4690
 	RESERVED
 CVE-2015-4689 (Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows ...)
-	TODO: check
+	NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
 CVE-2015-4688 (Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allow ...)
-	TODO: check
+	NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
 CVE-2015-4687 (Cross-site scripting (XSS) vulnerability in Ellucian (formerly ...)
-	TODO: check
+	NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
 CVE-2015-4686
 	RESERVED
 CVE-2015-4685
@@ -83089,7 +83089,7 @@
 CVE-2015-4524 (Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 ...)
 	NOT-FOR-US: EMC Documentum WebTop Client
 CVE-2015-4523 (Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware ...)
-	TODO: check
+	NOT-FOR-US: Blue Coat
 CVE-2015-4522 (The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before ...)
 	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1

More information about the Secure-testing-commits mailing list