[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Feb 23 14:39:29 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e911701e by Salvatore Bonaccorso at 2018-02-23T15:38:22+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -170932,7 +170932,7 @@ CVE-2012-6348 (Centrify Deployment Manager 2.1.0.283, as distributed in Centrify
 CVE-2012-6347 (Multiple cross-site scripting (XSS) vulnerabilities in Java number ...)
 	TODO: check
 CVE-2012-6346 (Multiple cross-site scripting (XSS) vulnerabilities in FortiWeb before ...)
-	TODO: check
+	NOT-FOR-US: FortiWeb
 CVE-2012-6345
 	RESERVED
 	NOT-FOR-US: CyberArk Vault
@@ -186366,7 +186366,7 @@ CVE-2012-0943 (debian/guest-account in Light Display Manager (lightdm) 1.0.x bef
 CVE-2012-0942 (Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix ...)
 	NOT-FOR-US: RealNetworks Helix
 CVE-2012-0941 (Multiple cross-site scripting (XSS) vulnerabilities in Fortinet ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2012-0940
 	RESERVED
 CVE-2012-0939 (Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier ...)
@@ -186843,7 +186843,7 @@ CVE-2012-0773 (The NetStream class in Adobe Flash Player before 10.3.183.18 and 
 CVE-2012-0772 (An unspecified ActiveX control in Adobe Flash Player before ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2012-0771 (Adobe Shockwave Player before 11.6.4.634 allows attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash Player
 CVE-2012-0770 (Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 computes hash values for ...)
 	NOT-FOR-US: Adobe ColdFusion
 CVE-2012-0769 (Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on ...)
@@ -191633,9 +191633,9 @@ CVE-2011-4071
 CVE-2011-4070
 	RESERVED
 CVE-2011-4069 (html/admin/login.php in PacketFence before 3.0.2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: PacketFence
 CVE-2011-4068 (The check_password function in html/admin/login.php in PacketFence ...)
-	TODO: check
+	NOT-FOR-US: PacketFence
 CVE-2011-4067
 	RESERVED
 CVE-2011-4066 (SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and ...)
@@ -193553,7 +193553,7 @@ CVE-2011-3479 (Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suit
 CVE-2011-3478 (The host-services component in Symantec pcAnywhere 12.5.x through ...)
 	NOT-FOR-US: Symantec pcAnywhere
 CVE-2011-3477 (GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2011-3476
 	REJECTED
 CVE-2011-3475
@@ -217126,7 +217126,7 @@ CVE-2010-0111 (HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Int
 CVE-2010-0110 (Multiple stack-based buffer overflows in Intel Alert Management System ...)
 	NOT-FOR-US: Symantec Intel Alert Handler
 CVE-2010-0109 (DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2010-0108 (Buffer overflow in the cliproxy.objects.1 ActiveX control in the ...)
 	NOT-FOR-US: Symantec AntiVirus
 CVE-2010-0107 (Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 ...)
@@ -218045,7 +218045,7 @@ CVE-2009-4269 (The password hash generation algorithm in the BUILTIN authenticat
 CVE-2009-4268
 	REJECTED
 CVE-2009-4267 (The console in Apache jUDDI 3.0.0 does not properly escape line feeds, ...)
-	TODO: check
+	NOT-FOR-US: Apache jUDDI
 CVE-2009-XXXX [gnome-screensaver inhibitor not removed when connection is closed]
 	- gnome-screensaver 2.28.0-2 (low; bug #560895)
 	[etch] - gnome-screensaver <not-affected> (vulnerable code introduced in 2.28)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e911701e282a6443831d076b6ca38aad26ab2fc2

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e911701e282a6443831d076b6ca38aad26ab2fc2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180223/b5865c90/attachment.html>

More information about the Secure-testing-commits mailing list