[Secure-testing-commits] r20466 - data/CVE

Federico Ceratto Thu, 08 Nov 2012 12:51:40 -0800

Author: federico-guest
Date: 2012-11-08 20:51:32 +0000 (Thu, 08 Nov 2012)
New Revision: 20466


Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-11-08 13:38:04 UTC (rev 20465)
+++ data/CVE/list       2012-11-08 20:51:32 UTC (rev 20466)
@@ -45,21 +45,21 @@
 CVE-2012-5826
        RESERVED
 CVE-2011-5243 (TwitterOAuth does not verify that the server hostname matches a 
domain ...)
-       TODO: check
+       NOT-FOR-US: TwitterOAuth
 CVE-2011-5242 (tmhOAuth before 0.61 does not verify that the server hostname 
matches ...)
-       TODO: check
+       NOT-FOR-US: tmhOAuth
 CVE-2011-5241 (Services_Twitter 0.6.3 does not verify that the server hostname 
...)
        NOT-FOR-US: PEAR module for Twitter
 CVE-2011-5240 (Magento 1.5 and 1.6.2 does not verify that the server hostname 
matches ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2011-5239 (CiviCRM 4.0.5 and 4.1.1 does not verify that the server 
hostname ...)
        TODO: check
 CVE-2011-5238 (google-checkout-php-sample-code before 1.3.2 does not verify 
that the ...)
-       TODO: check
+       NOT-FOR-US: google-checkout-php-sample-code
 CVE-2011-5237 (PayPal WPS ToolKit does not verify that the server hostname 
matches a ...)
-       TODO: check
+       NOT-FOR-US: PayPal WPS ToolKit
 CVE-2011-5236 (Moneris eSelectPlus 2.03 PHP API does not verify that the 
server ...)
-       TODO: check
+       NOT-FOR-US: Moneris eSelectPlus 2.03 PHP API
 CVE-2012-5825 (Tweepy does not verify that the server hostname matches a 
domain name ...)
        - tweepy <unfixed> (low; bug #692444)
 CVE-2012-5824 (Trillian 5.1.0.19 does not verify that the server hostname 
matches a ...)
@@ -73,13 +73,13 @@
        [squeeze] - lynx-cur <no-dsa> (Minor issue)
        [wheezy] - lynx-cur <no-dsa> (Minor issue)
 CVE-2012-5820 (The developer-account sample code in Google AdMob does not 
verify that ...)
-       TODO: check
+       NOT-FOR-US: Google AdMob
 CVE-2012-5819 (FilesAnywhere does not verify that the server hostname matches 
a ...)
-       TODO: check
+       NOT-FOR-US: FilesAnywhere
 CVE-2012-5818 (ElephantDrive does not verify that the server hostname matches 
a ...)
-       TODO: check
+       NOT-FOR-US: ElephantDrive
 CVE-2012-5817 (Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API 
Tools ...)
-       TODO: check
+       NOT-FOR-US: Codehaus XFire
 CVE-2012-5816 (AOL Instant Messenger (AIM) 1.0.1.2 does not verify that the 
server ...)
        NOT-FOR-US: AOL Instant Messenger
 CVE-2012-5815 (The Rackspace app 2.1.5 for iOS does not verify that the server 
...)
@@ -131,15 +131,15 @@
 CVE-2012-5792 (The Sage Pay Direct module in osCommerce does not verify that 
the ...)
        NOT-FOR-US: osCommerce module
 CVE-2012-5791 (PayPal Invoicing does not verify that the server hostname 
matches a ...)
-       TODO: check
+       NOT-FOR-US: PayPal Invoicing
 CVE-2012-5790 (PayPal Payments Standard PHP Library 20120427 does not verify 
that the ...)
-       TODO: check
+       NOT-FOR-US: PayPal Payments Standard PHP Library
 CVE-2012-5789 (PayPal Payments Standard PHP Library before 20120427 does not 
verify ...)
-       TODO: check
+       NOT-FOR-US: PayPal Payments Standard PHP Library
 CVE-2012-5788 (The PayPal IPN utility does not verify that the server hostname 
...)
-       TODO: check
+       NOT-FOR-US: The PayPal IPN utility
 CVE-2012-5787 (The PayPal merchant SDK does not verify that the server 
hostname ...)
-       TODO: check
+       NOT-FOR-US: The PayPal merchant SDK
 CVE-2012-5786 (The wsdl_first_https sample code in ...)
        NOT-FOR-US: Apache CXF
 CVE-2012-5785 (Apache Axis2/Java 1.6.2 and earlier does not verify that the 
server ...)
@@ -149,11 +149,11 @@
 CVE-2012-5783 (Apache Commons HttpClient 3.x, as used in Amazon Flexible 
Payments ...)
        - commons-httpclient <unfixed> (bug #692442)
 CVE-2012-5782 (Amazon Flexible Payments Service (FPS) PHP Library does not 
verify ...)
-       TODO: check
+       NOT-FOR-US: Amazon Flexible Payments Service
 CVE-2012-5781 (Amazon Elastic Load Balancing API Tools does not verify that 
the ...)
-       TODO: check
+       NOT-FOR-US: Amazon Elastic Load Balancing API Tools
 CVE-2012-5780 (The Amazon merchant SDK does not verify that the server 
hostname ...)
-       TODO: check
+       NOT-FOR-US: The Amazon merchant SDK
 CVE-2012-5779
        RESERVED
 CVE-2012-5778


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r20466 - data/CVE

Reply via email to