Author: jmm
Date: 2017-02-16 12:28:06 +0000 (Thu, 16 Feb 2017)
New Revision: 48994

Modified:
   data/CVE/list
Log:
new openssl 1.1 issue
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-02-16 09:10:12 UTC (rev 48993)
+++ data/CVE/list       2017-02-16 12:28:06 UTC (rev 48994)
@@ -6122,6 +6122,11 @@
        RESERVED
 CVE-2017-3733
        RESERVED
+       - openssl <unfixed>
+       - openssl1.0 <not-affected> (Only affects 1.1)
+       [jessie] - openssl <not-affected> (Only affects 1.1)
+       [wheezy] - openssl <not-affected> (Only affects 1.1)
+       NOTE: https://www.openssl.org/news/secadv/20170216.txt
 CVE-2017-3732
        RESERVED
        - openssl 1.1.0d-1
@@ -25549,9 +25554,9 @@
        NOTE: The problem as well only arises with docker fork in RedHat, not 
with upstream docker
        NOTE: https://github.com/projectatomic/oci-register-machine/pull/22
 CVE-2016-6287 (The &quot;http-client&quot; egg always used a HTTP_PROXY 
environment variable to ...)
-       TODO: check
+       NOT-FOR-US: Addons for Chicken
 CVE-2016-6286 (The &quot;spiffy-cgi-handlers&quot; egg would convert a 
nonexistent &quot;Proxy&quot; ...)
-       TODO: check
+       NOT-FOR-US: Addons for Chicken
 CVE-2016-6285 (Cross-site scripting (XSS) vulnerability in ...)
        NOT-FOR-US: Atlassian JIRA
 CVE-2016-6284
@@ -26603,11 +26608,11 @@
 CVE-2016-6080 (The WebAdmin context for WebSphere Message Broker allows 
directory ...)
        NOT-FOR-US: IBM
 CVE-2016-6079 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2016-6078
        RESERVED
 CVE-2016-6077 (IBM Cognos Disclosure Management 10.2 could allow a malicious 
attacker ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2016-6076
        RESERVED
 CVE-2016-6075
@@ -26641,7 +26646,7 @@
 CVE-2016-6061 (IBM Jazz Foundation is vulnerable to cross-site scripting. This 
...)
        NOT-FOR-US: IBM
 CVE-2016-6060 (An undisclosed vulnerability in IBM Rational DOORS Next 
Generation ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2016-6059 (IBM InfoSphere Information Server is vulnerable to a denial of 
...)
        NOT-FOR-US: IBM
 CVE-2016-6058


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to