[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Thu Mar 1 12:49:04 UTC 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1a15d0b0 by Moritz Muehlenhoff at 2018-03-01T13:48:49+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -101661,7 +101661,7 @@ CVE-2016-0301 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domin
 CVE-2016-0300 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before ...)
 	NOT-FOR-US: IBM TRIRIGA Application Platform
 CVE-2016-0299 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-0298 (Directory traversal vulnerability in IBM Security Guardium Database ...)
 	NOT-FOR-US: IBM
 CVE-2016-0297 (IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could ...)
@@ -101669,7 +101669,7 @@ CVE-2016-0297 (IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) coul
 CVE-2016-0296 (IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores ...)
 	NOT-FOR-US: IBM
 CVE-2016-0295 (Cross-site request forgery (CSRF) vulnerability in the IBM BigFix ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-0294
 	RESERVED
 CVE-2016-0293 (Cross-site scripting (XSS) vulnerability in IBM BigFix Platform ...)
@@ -101677,7 +101677,7 @@ CVE-2016-0293 (Cross-site scripting (XSS) vulnerability in IBM BigFix Platform .
 CVE-2016-0292 (WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) ...)
 	NOT-FOR-US: IBM
 CVE-2016-0291 (IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-0290
 	RESERVED
 CVE-2016-0289 (shiprec.xml in the SHIPREC application in IBM Maximo Asset Management ...)
@@ -110263,7 +110263,7 @@ CVE-2015-5675 (The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 
 	[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
 	[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS)
 CVE-2015-5674 (The routed daemon in FreeBSD 9.3 before 9.3-RELEASE-p22, 10.2-RC2 ...)
-	TODO: check
+	NOT-FOR-US: routed daemon in FreeBSD
 CVE-2015-5673 (eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) ...)
 	NOT-FOR-US: ISUCON5 qualifier portal
 CVE-2015-5672 (TYPE-MOON Fate/stay night, Fate/hollow ataraxia, Witch on the Holy ...)
@@ -112121,7 +112121,7 @@ CVE-2015-5082 (Endian Firewall before 3.0 allows remote attackers to execute ...
 CVE-2015-5080 (The Management Interface in Citrix NetScaler Application Delivery ...)
 	NOT-FOR-US: Citrix
 CVE-2015-5079 (Directory traversal vulnerability in widgets/logs.php in BlackCat CMS ...)
-	TODO: check
+	NOT-FOR-US: BlackCat CMS
 CVE-2015-5078 (SQL injection vulnerability in the insert function in ...)
 	- limesurvey <itp> (bug #472802)
 CVE-2015-5077
@@ -114708,7 +114708,7 @@ CVE-2015-4119 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...
 CVE-2015-4118 (SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig ...)
 	NOT-FOR-US: ISPConfig
 CVE-2015-4117 (Vesta Control Panel before 0.9.8-14 allows remote authenticated users ...)
-	TODO: check
+	NOT-FOR-US: Vesta Control Panel
 CVE-2015-4116 (Use-after-free vulnerability in the spl_ptr_heap_insert function in ...)
 	- php5 5.6.11+dfsg-1 (unimportant)
 	[jessie] - php5 5.6.12+dfsg-0+deb8u1
@@ -115377,7 +115377,7 @@ CVE-2015-3900 (RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x befor
 CVE-2015-3899
 	RESERVED
 CVE-2015-3898 (Multiple open redirect vulnerabilities in Bonita BPM Portal before ...)
-	TODO: check
+	NOT-FOR-US: Bonita BPM Portal
 CVE-2015-3897 (Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 ...)
 	NOT-FOR-US: Bonita BPM Portal
 CVE-2015-3896
@@ -138308,7 +138308,7 @@ CVE-2014-5337 (The WordPress Mobile Pack plugin before 2.0.2 for WordPress does 
 CVE-2014-5335 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
 	NOT-FOR-US: innovaphone PBX
 CVE-2014-5334 (FreeNAS before 9.3-M3 has a blank admin password, which allows remote ...)
-	TODO: check
+	NOT-FOR-US: FreeNAS
 CVE-2014-5332 (Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local ...)
 	- linux <not-affected> (drivers/video/tegra not present)
 	NOTE: http://googleprojectzero.blogspot.de/2015/01/exploiting-nvmap-to-escape-chrome.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1a15d0b0107a57c82407bc73811b7d43f8393bbf

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1a15d0b0107a57c82407bc73811b7d43f8393bbf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180301/6e9c4b9e/attachment.html>

More information about the Secure-testing-commits mailing list