[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Fri Apr 13 16:10:32 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6f43a5ca by Moritz Muehlenhoff at 2018-04-13T17:09:59+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -132900,7 +132900,7 @@ CVE-2014-9565 (Cross-site request forgery (CSRF) vulnerability in IBM Flex Syste
 CVE-2014-9564 (CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet ...)
 	NOT-FOR-US: IBM
 CVE-2014-9563 (CRLF injection vulnerability in the web-based management (WBM) ...)
-	TODO: check
+	NOT-FOR-US:  Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone
 CVE-2014-9562 (Cross-site scripting (XSS) vulnerability in display_dialog.php in M2 ...)
 	NOT-FOR-US: M2 OptimalSite
 CVE-2014-9561 (Cross-site scripting (XSS) vulnerability in redir_last_post_list.php ...)
@@ -137665,9 +137665,9 @@ CVE-2014-8424 (ARRIS VAP2500 before FW08.41 does not properly validate passwords
 CVE-2014-8423 (Unspecified vulnerability in the management portal in ARRIS VAP2500 ...)
 	NOT-FOR-US: ARRIS VAP2500
 CVE-2014-8422 (The web-based management (WBM) interface in Unify (former Siemens) ...)
-	TODO: check
+	NOT-FOR-US:  Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone
 CVE-2014-8421 (Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 ...)
-	TODO: check
+	NOT-FOR-US:  Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone
 CVE-2014-8420 (The ViewPoint web application in Dell SonicWALL Global Management ...)
 	NOT-FOR-US: Dell SonicWALL
 CVE-2014-8419 (Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read ...)
@@ -149463,7 +149463,7 @@ CVE-2014-3628 (Cross-site scripting (XSS) vulnerability in the Admin UI Plugin /
 CVE-2014-3627 (The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 ...)
 	NOT-FOR-US: Apache Hadoop
 CVE-2014-3626 (The Grails Resource Plugin often has to exchange URIs for resources ...)
-	TODO: check
+	NOT-FOR-US: Grails Resource Plugin
 CVE-2014-3625 (Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 ...)
 	- libspring-java 3.2.13-1 (bug #769698)
 	[jessie] - libspring-java <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6f43a5ca6e7cda3b56baf8269e41ac3f490c645e

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6f43a5ca6e7cda3b56baf8269e41ac3f490c645e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180413/29c94afc/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list