Author: jmm
Date: 2017-09-29 21:56:45 +0000 (Fri, 29 Sep 2017)
New Revision: 56266
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-29 21:23:48 UTC (rev 56265)
+++ data/CVE/list 2017-09-29 21:56:45 UTC (rev 56266)
@@ -9,11 +9,11 @@
CVE-2017-14945 (Artifex GSView 6.0 Beta on Windows allows attackers to cause a
denial ...)
TODO: check
CVE-2017-14944 (Inedo ProGet before 4.7.14 does not properly address dangerous
package ...)
- TODO: check
+ NOT-FOR-US: Inedo ProGet
CVE-2017-14943
RESERVED
CVE-2017-14942 (Intelbras WRN 150 devices allow remote attackers to read the
...)
- TODO: check
+ NOT-FOR-US: Intelbras WRN 150 devices
CVE-2017-14941
RESERVED
CVE-2017-14940 (scan_unit_for_symbols in dwarf2.c in the Binary File
Descriptor (BFD) ...)
@@ -39,7 +39,7 @@
CVE-2017-14936
RESERVED
CVE-2016-10512 (MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted
for ...)
- TODO: check
+ NOT-FOR-US: MultiTech FaxFinder
CVE-2017-14935 (Pulse Secure Pulse One On-Premise 2.0.1649 and below does not
properly ...)
NOT-FOR-US: Pulse Secure
CVE-2017-14934 (process_debug_info in dwarf.c in the Binary File Descriptor
(BFD) ...)
@@ -367,9 +367,9 @@
CVE-2017-14797
RESERVED
CVE-2017-14796 (The hevc_write_frame function in libbpg.c in libbpg 0.9.7
allows remote ...)
- TODO: check
+ NOT-FOR-US: libbpg
CVE-2017-14795 (The hevc_write_frame function in libbpg.c in libbpg 0.9.7
allows remote ...)
- TODO: check
+ NOT-FOR-US: libbpg
CVE-2017-14794
RESERVED
CVE-2017-14793
@@ -506,7 +506,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/bbc582d5439a7f9338c6bdc8c34b1ae221ae5214
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/67a633df9386704f45d1ad24f7f5af8a5d11f4a3
CVE-2017-14738 (FileRun (version 2017.09.18 and below) suffers from a remote
SQL ...)
- TODO: check
+ NOT-FOR-US: FileRun
CVE-2017-14737 (A cryptographic cache-based side channel in the RSA
implementation in ...)
- botan1.10 <unfixed>
NOTE: https://github.com/randombit/botan/issues/1222
@@ -607,7 +607,7 @@
CVE-2017-14703 (SQL injection vulnerability in Cash Back Comparison Script 1.0
allows ...)
NOT-FOR-US: Cash Back Comparison Script
CVE-2017-14702 (ERS Data System 1.8.1.0 allows remote attackers to execute
arbitrary ...)
- TODO: check
+ NOT-FOR-US: ERS Data System
CVE-2017-14701
RESERVED
CVE-2017-14700
@@ -816,7 +816,7 @@
CVE-2017-14621 (Portus 2.2.0 has XSS via the Team field, related to typeahead.
...)
NOT-FOR-US: Portus
CVE-2017-14620 (SmarterStats Version 11.3.6347 will Render the Referer Field
of HTTP ...)
- TODO: check
+ NOT-FOR-US: SmarterStats
CVE-2017-14619 (Cross-site scripting (XSS) vulnerability in phpMyFAQ through
2.9.8 ...)
NOT-FOR-US: phpMyFAQ
CVE-2017-14618 (Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in
phpMyFAQ ...)
@@ -919,7 +919,7 @@
CVE-2017-14583
RESERVED
CVE-2017-14582 (The Zoho Site24x7 Mobile Network Poller application before
1.1.5 for ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2017-XXXX [pcb code injection by malicious layout file]
- pcb-rnd 1.2.5-2 (bug #876540)
[stretch] - pcb-rnd <no-dsa> (Minor issue)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
