Author: jmm
Date: 2017-09-12 21:14:25 +0000 (Tue, 12 Sep 2017)
New Revision: 55706
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-12 21:10:15 UTC (rev 55705)
+++ data/CVE/list 2017-09-12 21:14:25 UTC (rev 55706)
@@ -1,11 +1,11 @@
CVE-2017-14347 (NexusPHP 1.5.beta5.20120707 has XSS in the returnto parameter
to ...)
- TODO: check
+ NOT-FOR-US: NexusPHP
CVE-2017-14346 (upload.php in tianchoy/blog through 2017-09-12 allows
unrestricted file ...)
- TODO: check
+ NOT-FOR-US: tianchoy/blog
CVE-2017-14345 (SQL Injection exists in tianchoy/blog through 2017-09-12 via
the id ...)
- TODO: check
+ NOT-FOR-US: tianchoy/blog
CVE-2017-14344 (This vulnerability allows local attackers to escalate
privileges on ...)
- TODO: check
+ NOT-FOR-US: Jungo WinDriver
CVE-2017-14343 (ImageMagick 7.0.6-6 has a memory leak vulnerability in
ReadXCFImage in ...)
TODO: check
CVE-2017-14342 (ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in
...)
@@ -22,7 +22,7 @@
CVE-2017-14338
RESERVED
CVE-2017-14337 (When MISP before 2.4.80 is configured with X.509 certificate
...)
- TODO: check
+ NOT-FOR-US: MISP (Malware Information Sharing Platform and Threat
Sharing)
CVE-2017-14336
RESERVED
CVE-2017-14335 (On Beijing Hanbang Hanbanggaoke devices, because
user-controlled input ...)
@@ -82,7 +82,7 @@
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-231.html
CVE-2017-14315 (In Apple iOS 7 through 9, due to a BlueBorne flaw in the
implementation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-14314 (Off-by-one error in the DrawImage function in magick/render.c
in ...)
- graphicsmagick <unfixed>
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/2835184bfb78
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
