Author: jmm
Date: 2015-11-27 23:25:39 +0000 (Fri, 27 Nov 2015)
New Revision: 37959
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-27 23:19:52 UTC (rev 37958)
+++ data/CVE/list 2015-11-27 23:25:39 UTC (rev 37959)
@@ -54,7 +54,6 @@
RESERVED
CVE-2015-8342
REJECTED
- TODO: check
CVE-2015-8341
RESERVED
CVE-2015-8340
@@ -89,9 +88,9 @@
CVE-2015-8331
RESERVED
CVE-2015-8330 (The PCo agent in SAP Plant Connectivity (PCo) allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2015-8329 (SAP Manufacturing Integration and Intelligence (aka MII,
formerly ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2015-8328 (Unspecified vulnerability in the NVAPI support layer in the
NVIDIA GPU ...)
TODO: check
CVE-2015-8327
@@ -329,7 +328,7 @@
NOTE: http://framework.zend.com/security/advisory/ZF2015-09
NOTE:
https://github.com/zendframework/zf1/commit/4a41392f89bf510a8ab801eacb117fe7ea25b575
CVE-2009-5149 (Arris DG860A, TG862A, and TG862G devices with firmware ...)
- TODO: check
+ NOT-FOR-US: Arris hardware
CVE-2015-XXXX [Missing bounds checking and verification of data type causes
segfault]
- libmaxminddb <unfixed> (bug #805657)
NOTE:
https://github.com/maxmind/libmaxminddb/commit/51255f113fe3c7b63ffe957636a7656a3ff9d1ff
@@ -350,23 +349,23 @@
CVE-2015-8237
RESERVED
CVE-2015-8236 (Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before
4.13.14M, ...)
- TODO: check
+ NOT-FOR-US: Arista EOS
CVE-2015-8235
RESERVED
CVE-2015-8233 (Cross-site scripting (XSS) vulnerability in the MAYO theme
7.x-1.x ...)
- TODO: check
+ NOT-FOR-US: Drupal theme
CVE-2015-8232 (The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does
not ...)
- TODO: check
+ NOT-FOR-US: Drupal theme
CVE-2015-8231
RESERVED
CVE-2015-8230
RESERVED
CVE-2015-8229 (Huawei eSpace U2980 unified gateway with software before
V100R001C10 ...)
- TODO: check
+ NOT-FOR-US: Huawai
CVE-2015-8228 (Directory traversal vulnerability in the SFTP server in Huawei
AR 120, ...)
- TODO: check
+ NOT-FOR-US: Huawai
CVE-2015-8227 (The built-in web server in Huawei VP9660 multi-point control
unit with ...)
- TODO: check
+ NOT-FOR-US: Huawai
CVE-2015-8226
RESERVED
CVE-2015-8225
@@ -378,9 +377,9 @@
CVE-2015-8222 (The lxd-unix.socket systemd unit file in the Ubuntu lxd package
before ...)
- lxd <itp> (bug #768073)
CVE-2015-8221 (Integer overflow in Google Picasa before 3.9.140 Build 259
allows ...)
- TODO: check
+ NOT-FOR-US: Google Picasa
CVE-2015-8220 (Stack-based buffer overflow in the URI handler in DWRCC.exe in
...)
- TODO: check
+ NOT-FOR-US: SolarWinds remote control
CVE-2015-8242 [Buffer overread with HTML parser in push mode in
xmlSAX2TextNode]
RESERVED
- libxml2 <unfixed> (bug #805146)
@@ -615,7 +614,6 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273845
NOTE: https://groups.google.com/forum/#!topic/syzkaller/3twDUI4Cpm8
NOTE: http://www.openwall.com/lists/oss-security/2015/11/18/9
- TODO: check
CVE-2015-8317 [issues in the xmlParseXMLDecl function]
RESERVED
- libxml2 2.9.2+zdfsg1-4
@@ -670,7 +668,7 @@
CVE-2015-8114
RESERVED
CVE-2015-8113 (Untrusted search path vulnerability in the client in Symantec
Endpoint ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-8112
RESERVED
CVE-2015-8111
@@ -728,7 +726,7 @@
CVE-2015-8097
RESERVED
CVE-2015-8096 (Integer overflow in Google Picasa 3.9.140 Build 239 and Build
248 ...)
- TODO: check
+ NOT-FOR-US: Google Picasa
CVE-2015-8095 (The recycle bin feature in the Monster Menus module 7.x-1.21
before ...)
TODO: check
CVE-2015-8094
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
