[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Feb 9 09:43:34 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2a8a2ef5 by Salvatore Bonaccorso at 2018-02-09T10:43:16+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -64428,7 +64428,7 @@ CVE-2017-1787
 CVE-2017-1786
 	RESERVED
 CVE-2017-1785 (IBM API Connect 5.0.7 and 5.0.8 could allow an authenticated remote ...)
-	TODO: check
+	NOT-FOR-US: IBM API Connect
 CVE-2017-1784 (IBM Cognos Analytics 11.0 could produce results in temporary files ...)
 	NOT-FOR-US: IBM Cognos Analytics
 CVE-2017-1783 (IBM Cognos Analytics 11.0 could allow a local user to change ...)
@@ -64614,7 +64614,7 @@ CVE-2017-1694 (IBM Integration Bus 9.0 and 10.0 transmits user credentials in pl
 CVE-2017-1693 (IBM Integration Bus 9.0 and 10.0 could allow an attacker that has ...)
 	NOT-FOR-US: IBM Integration Bus
 CVE-2017-1692 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2017-1691
 	RESERVED
 CVE-2017-1690
@@ -79856,9 +79856,9 @@ CVE-2016-6175 (Eval injection vulnerability in php-gettext 1.0.12 and earlier al
 CVE-2016-6174 (applications/core/modules/front/system/content.php in Invision Power ...)
 	NOT-FOR-US: Inivision
 CVE-2016-6169 (Heap-based buffer overflow in Foxit Reader and PhantomPDF 7.3.4.311 ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2016-6168 (Use-after-free vulnerability in Foxit Reader and PhantomPDF 7.3.4.311 ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2016-6167 (Multiple untrusted search path vulnerabilities in Putty beta 0.67 ...)
 	- putty <not-affected> (Windows-specific)
 CVE-2016-6166
@@ -117790,7 +117790,7 @@ CVE-2015-2749 (Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x bef
 	NOTE: https://www.drupal.org/SA-CORE-2015-001
 	NOTE: http://www.openwall.com/lists/oss-security/2015/03/19/5
 CVE-2015-2329 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin ...)
-	TODO: check
+	NOT-FOR-US: WooCommerce plugin for WordPress
 CVE-2015-2328 (PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related ...)
 	- mongodb <unfixed> (unimportant)
 	NOTE: CVE for bundled version of pcre3 in mongodb
@@ -178851,7 +178851,7 @@ CVE-2012-3333 (CRLF injection vulnerability in IBM Maximo Asset Management 7.x b
 CVE-2012-3332
 	RESERVED
 CVE-2012-3331 (IBM Sametime allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: IBM Sametime
 CVE-2012-3330 (The proxy server in IBM WebSphere Application Server 7.0 before ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2012-3329 (IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 ...)
@@ -181793,7 +181793,7 @@ CVE-2012-2168 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0
 CVE-2012-2167 (The IBM XIV Storage System Gen3 before 11.1.0.a allows remote ...)
 	NOT-FOR-US: IBM XIV Storage System Gen3
 CVE-2012-2166 (IBM XIV Storage System 2810-A14 and 2812-A14 devices before level ...)
-	TODO: check
+	NOT-FOR-US: IBM XIV Storage System
 CVE-2012-2165 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3, ...)
 	NOT-FOR-US: IBM Rational ClearQuest
 CVE-2012-2164 (The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x ...)
@@ -187210,7 +187210,7 @@ CVE-2011-4891
 CVE-2011-4890 (The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows ...)
 	NOT-FOR-US: IBM solidDB
 CVE-2011-4889 (The javax.naming.directory.AttributeInUseException class in the ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2011-4888
 	RESERVED
 CVE-2011-4887 (Cross-site scripting (XSS) vulnerability in the Violations Table in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2a8a2ef5c906b638d208a64aa168e0d037bd9dc3

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2a8a2ef5c906b638d208a64aa168e0d037bd9dc3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180209/12d8be43/attachment-0001.html>

More information about the Secure-testing-commits mailing list