[Secure-testing-commits] r52730 - data/CVE

Tue, 20 Jun 2017 02:14:46 -0700 

Author: jmm
Date: 2017-06-20 09:13:59 +0000 (Tue, 20 Jun 2017)
New Revision: 52730

Modified:
   data/CVE/list
Log:
NFUs
uclibc unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-06-20 09:10:14 UTC (rev 52729)
+++ data/CVE/list       2017-06-20 09:13:59 UTC (rev 52730)
@@ -173,11 +173,9 @@
 CVE-2017-9730 (SQL injection vulnerability in rdr.php in nuevoMailer version 
6.0 and ...)
        NOT-FOR-US: nuevoMailer
 CVE-2017-9729 (In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled 
recursion) ...)
-       - uclibc <undetermined>
-       TODO: check and check uclibc-ng
+       - uclibc <unfixed> (unimportant)
 CVE-2017-9728 (In uClibc 0.9.33.2, there is an out-of-bounds read in the 
get_subexp ...)
-       - uclibc <undetermined>
-       TODO: check and check uclibc-ng
+       - uclibc <unfixed> (unimportant)
 CVE-2017-9727
        RESERVED
 CVE-2017-9726
@@ -3630,11 +3628,11 @@
 CVE-2017-8452 (Kibana versions prior to 5.2.1 configured for SSL client 
access, file ...)
        - kibana <itp> (bug #700337)
 CVE-2017-8451 (With X-Pack installed, Kibana versions before 5.3.1 have an 
open ...)
-       TODO: check
+       NOT-FOR-US: Kibana addon
 CVE-2017-8450 (X-Pack 5.1.1 did not properly apply document and field level 
security ...)
-       TODO: check
+       NOT-FOR-US: Kibana addon
 CVE-2017-8449 (X-Pack Security 5.2.x would allow access to more fields than 
the user ...)
-       TODO: check
+       NOT-FOR-US: Kibana addon
 CVE-2017-8448
        RESERVED
 CVE-2017-8447
@@ -3714,7 +3712,7 @@
 CVE-2016-10365 (Kibana versions before 4.6.3 and 5.0.1 have an open redirect 
...)
        - kibana <itp> (bug #700337)
 CVE-2016-10364 (With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were 
not ...)
-       TODO: check
+       NOT-FOR-US: Kibana addon
 CVE-2016-10363 (Logstash versions prior to 2.3.3, when using the Netflow Codec 
plugin, ...)
        - logstash <itp> (bug #664841)
 CVE-2016-10362 (Prior to Logstash version 5.0.1, Elasticsearch Output plugin 
when ...)
@@ -17527,11 +17525,11 @@
 CVE-2017-3746
        RESERVED
 CVE-2017-3745 (In Lenovo XClarity Administrator (LXCA) before 1.3.0, if 
service data ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2017-3744 (In the IMM2 firmware of Lenovo System x servers, remote 
commands ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2017-3743 (If multiple users are concurrently logged into a single system 
where ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2017-3742
        RESERVED
 CVE-2017-3741 (In the Lenovo Power Management driver before 1.67.12.24, a 
local user ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to