[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Sun Mar 4 11:40:29 UTC 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
66dbea84 by Moritz Muehlenhoff at 2018-03-04T12:40:07+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -44162,7 +44162,7 @@ CVE-2017-9288 (The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a refle
 CVE-2017-9286 (The packaging of NextCloud in openSUSE used /srv/www/htdocs in an ...)
 	NOT-FOR-US: OpenSUSE specific packaging issue of NextCloud
 CVE-2017-9285 (NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions ...)
-	TODO: check
+	NOT-FOR-US: NetIQ eDirectory
 CVE-2017-9284
 	RESERVED
 CVE-2017-9283 (An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus ...)
@@ -44172,15 +44172,15 @@ CVE-2017-9282 (An integer overflow (CWE-190) led to an out-of-bounds write (CWE-
 CVE-2017-9281 (An integer overflow (CWE-190) potentially causing an out-of-bounds ...)
 	NOT-FOR-US: Micro Focus VisiBroker
 CVE-2017-9280 (Some NetIQ Identity Manager Applications before Identity Manager ...)
-	TODO: check
+	NOT-FOR-US: NetIQ Identity Manager
 CVE-2017-9279 (NetIQ Identity Manager before 4.5.6.1 allowed uploading files with ...)
-	TODO: check
+	NOT-FOR-US: NetIQ Identity Manager
 CVE-2017-9278 (The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS ...)
-	TODO: check
+	NOT-FOR-US: NetIQ Identity Manager
 CVE-2017-9277 (The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to ...)
-	TODO: check
+	NOT-FOR-US: Novell eDirectory
 CVE-2017-9276 (Novell Access Manager iManager before 4.3.3 did not validate ...)
-	TODO: check
+	NOT-FOR-US: Novell Access Manager iManager
 CVE-2017-9275
 	RESERVED
 CVE-2017-9274 (A shell command injection in the obs-service-source_validator before ...)
@@ -44205,7 +44205,7 @@ CVE-2017-9269 (In libzypp before August 2018 GPG keys attached to YUM repositori
 CVE-2017-9268 (In the open build service before 201707022 the wipetrigger and rebuild ...)
 	TODO: check
 CVE-2017-9267 (In Novell eDirectory before 9.0.3.1 the LDAP interface was not ...)
-	TODO: check
+	NOT-FOR-US: Novell eDirectory
 CVE-2016-10379 (The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL ...)
 	NOT-FOR-US: Joomla addon
 CVE-2016-10378 (e107 2.1.1 allows SQL injection by remote authenticated administrators ...)
@@ -54257,7 +54257,7 @@ CVE-2017-6156
 CVE-2017-6155
 	RESERVED
 CVE-2017-6154 (On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2017-6153
 	RESERVED
 CVE-2017-6152
@@ -54265,7 +54265,7 @@ CVE-2017-6152
 CVE-2017-6151 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2017-6150 (Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2017-6149
 	RESERVED
 CVE-2017-6148
@@ -74507,7 +74507,7 @@ CVE-2016-8522 (A cross-site scripting vulnerability in HPE Diagnostics version 9
 CVE-2016-8521 (A Remote click jacking vulnerability in HPE Diagnostics version 9.24 ...)
 	NOT-FOR-US: HPE Diagnostics
 CVE-2016-8520 (HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM ...)
-	TODO: check
+	- eucalyptus <removed>
 CVE-2016-8519 (A remote code execution vulnerability in HPE Operations Orchestration ...)
 	NOT-FOR-US: HPE Operations Orchestration
 CVE-2016-8518 (A remote denial of service vulnerability in HPE Systems Insight ...)
@@ -104315,19 +104315,19 @@ CVE-2015-7969 (Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest 
 CVE-2015-7968
 	RESERVED
 CVE-2015-7967 (SafeNet Authentication Service for Citrix Web Interface Agent uses a ...)
-	TODO: check
+	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7966 (SafeNet Authentication Service Windows Logon Agent uses a weak ACL for ...)
-	TODO: check
+	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7965 (SafeNet Authentication Service Windows Logon Agent uses a weak ACL for ...)
-	TODO: check
+	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7964 (SafeNet Authentication Service for NPS Agent uses a weak ACL for ...)
-	TODO: check
+	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7963 (SafeNet Authentication Service for AD FS Agent uses a weak ACL for ...)
-	TODO: check
+	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7962 (SafeNet Authentication Service for Outlook Web App Agent uses a weak ...)
-	TODO: check
+	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7961 (SafeNet Authentication Service Remote Web Workplace Agent uses a weak ...)
-	TODO: check
+	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7960
 	REJECTED
 CVE-2015-7959
@@ -105453,11 +105453,11 @@ CVE-2015-7600 (Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions fo
 CVE-2015-7599 (Integer overflow in the _authenticate function in svc_auth.c in Wind ...)
 	NOT-FOR-US: Wind River VxWorks
 CVE-2015-7598 (SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ...)
-	TODO: check
+	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7597 (SafeNet Authentication Service IIS Agent uses a weak ACL for ...)
-	TODO: check
+	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7596 (SafeNet Authentication Service End User Software Tools for Windows ...)
-	TODO: check
+	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7595
 	REJECTED
 CVE-2015-7594
@@ -159061,7 +159061,7 @@ CVE-2013-4893
 CVE-2013-4892
 	RESERVED
 CVE-2013-4891 (The xss_clean function in CodeIgniter before 2.1.4 might allow remote ...)
-	TODO: check
+	NOT-FOR-US: CodeIgniter
 CVE-2013-4889 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
 	NOT-FOR-US: Digital Signage Xibo
 CVE-2013-4888 (Cross-site scripting (XSS) vulnerability in index.php in Digital ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/66dbea84c420339c6cce2b2ecf44264b37961a5e

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/66dbea84c420339c6cce2b2ecf44264b37961a5e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180304/9500e303/attachment.html>

More information about the Secure-testing-commits mailing list