[Secure-testing-commits] r48908 - data/CVE

Moritz Muehlenhoff Tue, 14 Feb 2017 00:54:07 -0800

Author: jmm
Date: 2017-02-14 08:53:45 +0000 (Tue, 14 Feb 2017)
New Revision: 48908


Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-02-14 07:59:18 UTC (rev 48907)
+++ data/CVE/list       2017-02-14 08:53:45 UTC (rev 48908)
@@ -18250,7 +18250,7 @@
 CVE-2016-8496
        RESERVED
 CVE-2016-8495 (FortiManager does not properly validate TLS certificates when 
probing ...)
-       TODO: check
+       NOT-FOR-US: FortiManager
 CVE-2016-8494 (Insufficient verification of uploaded files allows attackers 
with ...)
        NOT-FOR-US: Fortiguard
 CVE-2016-8493
@@ -23870,7 +23870,7 @@
 CVE-2016-6701 (A remote code execution vulnerability in libskia in Android 7.0 
before ...)
        - skia <itp> (bug #818180)
 CVE-2016-6700 (An elevation of privilege vulnerability in libzipfile in 
Android 4.x ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2016-6699 (A remote code execution vulnerability in libstagefright in 
Mediaserver ...)
        NOT-FOR-US: libstagefright
 CVE-2016-6698 (An information disclosure vulnerability in Qualcomm components 
...)
@@ -27561,7 +27561,7 @@
 CVE-2016-5692
        RESERVED
 CVE-2016-5686 (Johnson &amp; Johnson Animas OneTouch Ping devices mishandle 
...)
-       TODO: check
+       NOT-FOR-US: Animas OneTouch Ping
 CVE-2016-5685 (Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 
allow ...)
        NOT-FOR-US: Dell
 CVE-2016-5684 (An exploitable out-of-bounds write vulnerability exists in the 
XMP ...)
@@ -27649,7 +27649,7 @@
        RESERVED
        NOT-FOR-US: Acer Portal Android application
 CVE-2016-5647 (The igdkmd64 module in the Intel Graphics Driver through 
15.33.42.435, ...)
-       TODO: check
+       NOT-FOR-US: Intel Windows drivers
 CVE-2016-5646 (An exploitable heap overflow vulnerability exists in the 
Compound ...)
        TODO: check
 CVE-2016-5645 (Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 
1766-L32AWA, ...)
@@ -28124,7 +28124,7 @@
 CVE-2016-5493 (Unspecified vulnerability in the Oracle FLEXCUBE Private 
Banking ...)
        NOT-FOR-US: Oracle
 CVE-2016-5492 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit 
(AK) ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2016-5491 (Unspecified vulnerability in the Oracle Commerce Service Center 
...)
        NOT-FOR-US: Oracle
 CVE-2016-5490 (Unspecified vulnerability in the Oracle FLEXCUBE Universal 
Banking ...)
@@ -28136,7 +28136,7 @@
 CVE-2016-5487 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows 
local ...)
        NOT-FOR-US: Solaris
 CVE-2016-5486 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit 
(AK) ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2016-5485
        RESERVED
 CVE-2016-5484
@@ -28146,7 +28146,7 @@
 CVE-2016-5482 (Unspecified vulnerability in the Oracle Commerce Guided Search 
...)
        NOT-FOR-US: Oracle
 CVE-2016-5481 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit 
(AK) ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2016-5480 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local 
users ...)
        NOT-FOR-US: Solaris
 CVE-2016-5479 (Unspecified vulnerability in the Oracle FLEXCUBE Universal 
Banking ...)
@@ -28285,9 +28285,9 @@
 CVE-2016-5431
        RESERVED
 CVE-2016-5430 (The RSA 1.5 algorithm implementation in the JOSE_JWE class in 
JWE.php ...)
-       TODO: check
+       NOT-FOR-US: jose-php
 CVE-2016-5429 (jose-php before 2.2.1 does not use constant-time operations for 
HMAC ...)
-       TODO: check
+       NOT-FOR-US: jose-php
 CVE-2016-5428
        RESERVED
 CVE-2016-5427 (PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not 
...)
@@ -30242,11 +30242,11 @@
 CVE-2016-5087 (Alertus Desktop Notification before 2.9.31.1710 on OS X uses 
weak ...)
        NOT-FOR-US: Alertus
 CVE-2016-5086 (Johnson &amp; Johnson Animas OneTouch Ping devices allow remote 
attackers ...)
-       TODO: check
+       NOT-FOR-US: Animas OneTouch Ping
 CVE-2016-5085 (Johnson &amp; Johnson Animas OneTouch Ping devices do not 
properly ...)
-       TODO: check
+       NOT-FOR-US: Animas OneTouch Ping
 CVE-2016-5084 (Johnson &amp; Johnson Animas OneTouch Ping devices do not use 
encryption ...)
-       TODO: check
+       NOT-FOR-US: Animas OneTouch Ping
 CVE-2016-5083
        RESERVED
 CVE-2016-5082


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r48908 - data/CVE

Reply via email to