Author: jmm
Date: 2015-02-12 06:17:49 +0000 (Thu, 12 Feb 2015)
New Revision: 32172

Modified:
   data/CVE/list
Log:
new wss4j issues
NFUs (concludes external check)


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-02-12 05:37:37 UTC (rev 32171)
+++ data/CVE/list       2015-02-12 06:17:49 UTC (rev 32172)
@@ -5700,8 +5700,10 @@
        RESERVED
 CVE-2015-0227
        RESERVED
+       - wss4j <unfixed>
 CVE-2015-0226
        RESERVED
+       - wss4j <unfixed>
 CVE-2015-0225
        RESERVED
 CVE-2015-0224 [qpidd can be crashed by unauthenticated user]
@@ -8519,6 +8521,7 @@
        NOTE: up to 2014.1.3 and 2014.2 version up to 2014.2.1
 CVE-2014-8122
        RESERVED
+       NOT-FOR-US: JBoss Weld
 CVE-2014-8121
        RESERVED
 CVE-2014-8120 (The agent in Thermostat before 1.0.6, when using unspecified 
...)
@@ -9268,6 +9271,7 @@
        RESERVED
 CVE-2014-7853
        RESERVED
+       NOT-FOR-US: JBoss AS/WildFly Domain Management
 CVE-2014-7852 (Cross-site scripting (XSS) vulnerability in JBoss RichFaces, as 
used ...)
        NOT-FOR-US: RichFaces
 CVE-2014-7851
@@ -9278,6 +9282,7 @@
        TODO: check (possibly unimportant severity if we don't include WebUI 
part and only have vulnerable code)
 CVE-2014-7849
        RESERVED
+       NOT-FOR-US: JBoss AS/WildFly Domain Management
 CVE-2014-7848 (lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 
2.7.x ...)
        - moodle 2.7.5+dfsg-1 (bug #775842)
        [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
@@ -9376,6 +9381,7 @@
        NOTE: https://fedorahosted.org/freeipa/ticket/4690
 CVE-2014-7827
        RESERVED
+       NOT-FOR-US: JBoss Security
 CVE-2014-7826 (kernel/trace/trace_syscalls.c in the Linux kernel through 
3.17.2 does ...)
        - linux 3.16.7-ckt2-1
        [wheezy] - linux <not-affected> (Vulnerable code introduced later)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to