[Secure-testing-commits] r48040 - data/CVE

Sat, 14 Jan 2017 07:23:00 -0800 

Author: jmm
Date: 2017-01-14 15:22:40 +0000 (Sat, 14 Jan 2017)
New Revision: 48040

Modified:
   data/CVE/list
Log:
two potential tripleo-heat-templates issues
mark one older bittorrent issue as NFU, there's no evidence that
this affects a free BT implementation


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-01-14 15:10:47 UTC (rev 48039)
+++ data/CVE/list       2017-01-14 15:22:40 UTC (rev 48040)
@@ -52595,8 +52595,7 @@
        NOTE: 
https://github.com/bestpractical/rt/commit/67d517ba3421ba462e349c73207a627d137ef8ac
 (4.2.x)
        NOTE: 
https://github.com/bestpractical/rt/commit/4ec786bb4743f67a35a634c1bf43b13d3d3b39a9
 (4.0.x)
 CVE-2015-5474 (BitTorrent and uTorrent allow remote attackers to inject 
command line ...)
-       - bittorrent <undetermined>
-       NOTE: http://www.zerodayinitiative.com/advisories/ZDI-15-358/
+       NOT-FOR-US: uTorrent
 CVE-2015-5473
        RESERVED
 CVE-2015-5472 (Absolute path traversal vulnerability in lib/download.php in 
the IBS ...)
@@ -53050,8 +53049,7 @@
        NOTE: https://www.samba.org/samba/security/CVE-2015-5330.html
        NOTE: Samba update needs as well fixed ldb
 CVE-2015-5329 (The TripleO Heat templates (tripleo-heat-templates), as used in 
Red ...)
-       - tripleo-heat-templates <undetermined>
-       TODO: check
+       - tripleo-heat-templates <unfixed>
 CVE-2015-5328
        RESERVED
 CVE-2015-5327 [User triggerable out-of-bounds read]
@@ -53176,8 +53174,7 @@
 CVE-2015-5304 (Red Hat JBoss Enterprise Application Platform (EAP) before 
6.4.5 does ...)
        NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
 CVE-2015-5303 (The TripleO Heat templates (tripleo-heat-templates), when 
deployed via ...)
-       - tripleo-heat-templates <undetermined>
-       TODO: check
+       - tripleo-heat-templates <unfixed>
 CVE-2015-5302 (libreport 2.0.7 before 2.6.3 only saves changes to the first 
file when ...)
        NOT-FOR-US: abrt/libreport
 CVE-2015-5301 (providers/saml2/admin.py in the Identity Provider (IdP) server 
in ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to