[Secure-testing-commits] r57841 - data/CVE

Moritz Muehlenhoff Sun, 19 Nov 2017 13:46:35 -0800

Author: jmm
Date: 2017-11-19 21:45:54 +0000 (Sun, 19 Nov 2017)
New Revision: 57841


Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-19 21:10:15 UTC (rev 57840)
+++ data/CVE/list       2017-11-19 21:45:54 UTC (rev 57841)
@@ -70,16 +70,16 @@
 CVE-2017-1000230 (The Snap7 Server version 1.4.1 can be crashed when the 
ItemCount field ...)
        NOT-FOR-US: Snap7 Server
 CVE-2017-1000227 (Stored XSS in Salutation Responsive WordPress + BuddyPress 
Theme ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2017-1000221 (In Opencast 2.2.3 and older if user names overlap, the 
Opencast search ...)
-       TODO: check
+       NOT-FOR-US: Opencast
 CVE-2017-1000217 (Opencast 2.3.2 and older versions are vulnerable to script 
injections ...)
-       TODO: check
+       NOT-FOR-US: Opencast
 CVE-2017-1000190 (SimpleXML (latest version 2.7.1) is vulnerable to an XXE 
vulnerability ...)
        - simple-xml <unfixed>
        NOTE: https://github.com/ngallagher/simplexml/issues/18
 CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 
through ...)
-       TODO: check
+       NOT-FOR-US: Phoenix Framework
 CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 
parser ...)
        - exiv2 <unfixed>
        NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
@@ -95,7 +95,7 @@
 CVE-2017-16878
        RESERVED
 CVE-2017-16877 (ZEIT Next.js before 2.4.1 has directory traversal under the 
/_next and ...)
-       TODO: check
+       NOT-FOR-US: ZEIT Next.js
 CVE-2017-16876
        RESERVED
 CVE-2017-16875 (An issue was discovered in Teluu pjproject (pjlib and 
pjlib-util) in ...)
@@ -127,13 +127,13 @@
        - root-system <removed>
        NOTE: 
https://github.com/root-project/root/commit/88ccff152604e0f1012653a596d802ff7ede3145#diff-6cd6f6c31bac70116b7ca7abdc8e517e
 CVE-2017-1000192 (Cygnux sysPass version 2.1.7 and older is vulnerable to a 
Local File ...)
-       TODO: check
+       NOT-FOR-US: Cygnux sysPass
 CVE-2017-1000191 (Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet 
resulting ...)
-       TODO: check
+       NOT-FOR-US: Jool
 CVE-2017-1000170 (jqueryFileTree 2.1.5 and older Directory Traversal ...)
        TODO: check
 CVE-2017-1000169 (QuickerBB version &lt;= 0.7.2 is vulnerable to arbitrary 
file writes ...)
-       TODO: check
+       NOT-FOR-US: QuickerBB
 CVE-2017-1000168 (sodiumoxide 0.0.13 and older scalarmult() vulnerable to 
degenerate ...)
        TODO: check
 CVE-2017-1000161


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57841 - data/CVE

Reply via email to