Author: carnil
Date: 2017-01-01 20:05:58 +0000 (Sun, 01 Jan 2017)
New Revision: 47651
Modified:
data/CVE/list
Log:
Add some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-01 19:43:17 UTC (rev 47650)
+++ data/CVE/list 2017-01-01 20:05:58 UTC (rev 47651)
@@ -23620,7 +23620,7 @@
CVE-2016-5746 (libstorage, libstorage-ng, and yast-storage improperly store
...)
TODO: check
CVE-2016-5745 (F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x
before ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2015-8945 (openshift-node in OpenShift Origin 1.1.6 and earlier improperly
stores ...)
NOT-FOR-US: OpenShift
CVE-2015-8944 (The ioresources_init function in kernel/resource.c in the Linux
kernel ...)
@@ -24035,7 +24035,7 @@
- phpmyadmin 4:4.6.3-1
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
CVE-2016-5700 (Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before
HF11, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2016-5698
RESERVED
CVE-2016-5697 [signature wrapping attack vulnerability]
@@ -26852,7 +26852,7 @@
CVE-2016-5023 (Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15,
11.4.1 ...)
NOT-FOR-US: BIG-IP
CVE-2016-5022 (F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x
before ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2016-5021 (The iControl REST service in F5 BIG-IP LTM, AAM, AFM,
Analytics, APM, ...)
NOT-FOR-US: BIG-IP
CVE-2016-5020 (F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users
to ...)
@@ -30974,13 +30974,13 @@
CVE-2016-3688 (SQL injection vulnerability in dotCMS before 3.5 allows remote
...)
NOT-FOR-US: dotCMS
CVE-2016-3687 (Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x,
11.5.x, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2016-3686 (The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x before
11.6.0 ...)
NOT-FOR-US: F5 BIG-IP APM
CVE-2016-3685 (SAP Download Manager 2.1.142 and earlier generates an
encryption key ...)
- TODO: check
+ NOT-FOR-US: SAP Download Manager
CVE-2016-3684 (SAP Download Manager 2.1.142 and earlier uses a hardcoded
encryption ...)
- TODO: check
+ NOT-FOR-US: SAP Download Manager
CVE-2016-3683
RESERVED
CVE-2016-3689 (The ims_pcu_parse_cdc_data function in
drivers/input/misc/ims-pcu.c in ...)
@@ -38383,7 +38383,7 @@
CVE-2016-1502
RESERVED
CVE-2016-1497 (The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x,
11.2.x ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2016-1496 (The graphics driver in Huawei P8 smartphones with software
GRA-TL00 ...)
NOT-FOR-US: Huawei
CVE-2016-1495 (Integer overflow in the graphics drivers in Huawei Mate S
smartphones ...)
@@ -44009,7 +44009,7 @@
CVE-2015-8243
RESERVED
CVE-2015-8240 (The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM,
AFM, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2015-8238
RESERVED
CVE-2015-8237
@@ -44424,7 +44424,7 @@
CVE-2015-8101
RESERVED
CVE-2015-8099 (F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and
PEM ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2015-8098 (F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3,
and ...)
NOT-FOR-US: BIG-IP
CVE-2015-8097
@@ -44661,9 +44661,9 @@
- strongswan 5.3.3-3
NOTE:
https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-%28cve-2015-8023%29.html
CVE-2015-8022 (The Configuration utility in F5 BIG-IP LTM, Analytics, APM,
ASM, GTM, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2015-8021 (Incomplete blacklist vulnerability in the Configuration utility
in F5 ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2015-8020
RESERVED
CVE-2015-8018
@@ -51640,7 +51640,7 @@
CVE-2015-8176
REJECTED
CVE-2015-5516 (Memory leak in the last hop kernel module in F5 BIG-IP LTM,
GTM, and ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2015-6240 [ansible zone/chroot/jail escape]
RESERVED
- ansible 1.9.2+dfsg-1 (low)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
