Author: geissert Date: 2017-10-19 10:26:53 +0000 (Thu, 19 Oct 2017) New Revision: 56862
Modified: data/CVE/list Log: web2py, openjpeg2, puppet, mistune, NFUs Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-10-19 09:42:09 UTC (rev 56861) +++ data/CVE/list 2017-10-19 10:26:53 UTC (rev 56862) @@ -49,13 +49,14 @@ CVE-2017-15613 RESERVED CVE-2017-15612 (mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such ...) + - mistune <unfixed> TODO: check CVE-2017-15611 (In Octopus before 3.17.7, an authenticated user who was explicitly ...) - TODO: check + NOT-FOR-US: Octopus Deploy CVE-2017-15610 (An issue was discovered in Octopus before 3.17.7. When the special ...) - TODO: check + NOT-FOR-US: Octopus Deploy CVE-2017-15609 (Octopus before 3.17.7 allows attackers to obtain sensitive cleartext ...) - TODO: check + NOT-FOR-US: Octopus Deploy CVE-2017-15608 RESERVED CVE-2017-15607 @@ -6610,7 +6611,7 @@ NOTE: item is not applicable in practice. Furthermore, the PeerKey handshake NOTE: for IEEE 802.11e DLS is obsolete and not known to have been deployed. CVE-2017-13083 (Akeo Consulting Rufus prior to version 2.17.1187 does not adequately ...) - TODO: check + NOT-FOR-US: Akeo Consulting Rufus CVE-2017-13082 (Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r ...) {DSA-3999-1} - wpa 2:2.4-1.1 @@ -57292,6 +57293,7 @@ CVE-2016-5715 (Open redirect vulnerability in the Console in Puppet Enterprise 2015.x ...) - puppet <not-affected> (Limited to Puppet Enterprise) CVE-2016-5714 (Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet ...) + - puppet <unfixed> TODO: check CVE-2016-5713 RESERVED @@ -80666,6 +80668,7 @@ NOTE: http://www.spinics.net/lists/linux-nfs/msg53045.html NOTE: http://www.openwall.com/lists/oss-security/2015/09/17/1 CVE-2015-6961 (Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows ...) + - web2py <unfixed> TODO: check CVE-2015-6960 RESERVED 
@@ -97676,6 +97679,7 @@ [wheezy] - chromium-browser <end-of-life> [squeeze] - chromium-browser <end-of-life> CVE-2015-1239 (Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG ...) + - openjpeg2 <unfixed> TODO: check CVE-2015-1238 (Skia, as used in Google Chrome before 42.0.2311.90, allows remote ...) {DSA-3238-1} _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
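Review bot: in the `@@ -49,13 +49,14 @@` hunk, the new `- mistune <unfixed>` line for CVE-2017-15612 is added above a `TODO: check` that stays in place, so the entry does not say what is still to be checked. The description pins the issue to Mistune 0.7.4; suggest replacing the bare TODO with a specific one or adding a `NOTE:` line pointing at the upstream report, plus a bug reference once one is filed. The three Octopus Deploy `NOT-FOR-US` changes in the same hunk look fine.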
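Review bot: in the `@@ -57292,6 +57293,7 @@` hunk, `- puppet <unfixed>` for CVE-2016-5714 carries no explanation, while the entry directly above it, CVE-2016-5715, reads `- puppet <not-affected> (Limited to Puppet Enterprise)`. The CVE-2016-5714 description also opens with Puppet Enterprise versions, so a `NOTE:` stating which component shipped in the puppet package is affected would justify the different status. The retained `TODO: check` could then be dropped or made specific.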
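Review bot: in the `@@ -80666,6 +80668,7 @@` hunk, CVE-2015-6961 is entered as `- web2py <unfixed>` in a revision dated 2017-10-19, although the description ties it to Web2py 2.9.11 and `gluon/tools.py`. Worth confirming against the packaged version before leaving `<unfixed>`: if the archive already has a release containing the fix, record that version instead, and otherwise add a `NOTE:` with the upstream reference.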
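Review bot: in the `@@ -97676,6 +97679,7 @@` hunk, `- openjpeg2 <unfixed>` is added to CVE-2015-1239 under the existing `[wheezy]` and `[squeeze]` `chromium-browser <end-of-life>` lines, with nothing recording why the standalone package is affected. The description names `j2k_read_ppm_v3`; a `NOTE:` stating whether that function is present in the openjpeg2 source would let the `TODO: check` that follows be resolved.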