[Secure-testing-commits] r47914 - data/CVE

Wed, 11 Jan 2017 09:33:02 -0800 

Author: jmm
Date: 2017-01-11 17:32:17 +0000 (Wed, 11 Jan 2017)
New Revision: 47914

Modified:
   data/CVE/list
Log:
mcollective bug
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-01-11 17:21:05 UTC (rev 47913)
+++ data/CVE/list       2017-01-11 17:32:17 UTC (rev 47914)
@@ -221,7 +221,7 @@
 CVE-2017-5218
        RESERVED
 CVE-2017-5217 (Installing a zero-permission Android application on certain 
Samsung ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2017-5216 (Stack-based buffer overflow vulnerability in Netop Remote 
Control ...)
        TODO: check
 CVE-2017-5215
@@ -266,9 +266,9 @@
        - libgit2 <unfixed>
        NOTE: 
https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834
 CVE-2016-10126 (Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x 
before ...)
-       TODO: check
+       NOT-FOR-US: Splunk
 CVE-2016-10125 (D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a 
hardcoded ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2016-10127 [XML external entity attack]
        - python-pysaml2 3.0.0-5 (bug #850716)
        NOTE: https://github.com/rohe/pysaml2/pull/379
@@ -374,7 +374,7 @@
        NOTE: 
https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
        NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
 CVE-2017-5179 (Cross-site scripting (XSS) vulnerability in Tenable Nessus 
before ...)
-       TODO: check
+       NOT-FOR-US: Nessus
 CVE-2017-5178
        RESERVED
 CVE-2017-5177
@@ -3148,7 +3148,7 @@
 CVE-2016-10042
        RESERVED
 CVE-2016-10041 (An issue was discovered in Sprecher Automation SPRECON-E 
Service ...)
-       TODO: check
+       NOT-FOR-US: Sprecher Automation SPRECON-E Service
 CVE-2016-10040
        RESERVED
        - qt4-x11 <unfixed>
@@ -5938,7 +5938,7 @@
 CVE-2016-9758
        RESERVED
 CVE-2016-9757 (In the Create Tags page of the Rapid7 Nexpose version 6.4.12 
user ...)
-       TODO: check
+       NOT-FOR-US: Rapid7 Nexpose
 CVE-2016-9846 (QEMU (aka Quick Emulator) built with the Virtio GPU Device 
emulator ...)
        - qemu 1:2.8+dfsg-1 (bug #847382)
        [jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -34329,9 +34329,8 @@
        NOTE: http://www.openwall.com/lists/oss-security/2016/03/02/8
 CVE-2016-2788
        RESERVED
-       - mcollective <undetermined>
+       - mcollective <unfixed> (bug #850968)
        NOTE: https://puppet.com/security/cve/cve-2016-2788
-       TODO: check
 CVE-2016-2787
        RESERVED
 CVE-2016-2786 (The pxp-agent component in Puppet Enterprise 2015.3.x before 
2015.3.3 ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to