Author: jmm
Date: 2017-08-09 13:35:48 +0000 (Wed, 09 Aug 2017)
New Revision: 54481

Modified:
   data/CVE/list
Log:
NFUs
miniupnpc no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-09 12:55:49 UTC (rev 54480)
+++ data/CVE/list       2017-08-09 13:35:48 UTC (rev 54481)
@@ -2156,7 +2156,7 @@
 CVE-2017-11742 (The writeRandomBytes_RtlGenRandom function in xmlparse.c in 
libexpat in ...)
        - expat <not-affected> (Windows specfic issue)
 CVE-2017-11741 (HashiCorp Vagrant VMware Fusion plugin (aka 
vagrant-vmware-fusion) ...)
-       TODO: check
+       NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
 CVE-2017-11740
        RESERVED
 CVE-2017-11739
@@ -3830,15 +3830,15 @@
 CVE-2017-11156
        RESERVED
 CVE-2017-11155 (An information exposure vulnerability in index.php in Synology 
Photo ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2017-11154 (Unrestricted file upload vulnerability in 
PixlrEditorHandler.php in ...)
        TODO: check
 CVE-2017-11153 (Deserialization vulnerability in synophoto_csPhotoMisc.php in 
Synology ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2017-11152 (Directory traversal vulnerability in PixlrEditorHandler.php in 
...)
        TODO: check
 CVE-2017-11151 (A vulnerability in synotheme_upload.php in Synology Photo 
Station ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2017-11150
        RESERVED
 CVE-2017-11149
@@ -4051,6 +4051,7 @@
        NOT-FOR-US: ATutor
 CVE-2017-1000001 (FedMsg 0.18.1 and older is vulnerable to a message 
validation flaw ...)
        - fedmsg <removed> (bug #868508)
+       [jessie] - fedmsg <no-dsa> (Minor issue)
        NOTE: https://github.com/fedora-infra/fedmsg/commit/5c21cf88a
 CVE-2017-11141 (The ReadMATImage function in coders\mat.c in ImageMagick 
7.0.5-6 has a ...)
        {DSA-3914-1}
@@ -6697,35 +6698,35 @@
 CVE-2017-10259
        RESERVED
 CVE-2017-10258 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10257 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10256 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10255 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10254 (Vulnerability in the PeopleSoft Enterprise FSCM component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10253 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10252 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10251 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10250 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10249 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10248 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10247 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10246 (Vulnerability in the Oracle Application Object Library 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10245 (Vulnerability in the Oracle General Ledger component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10244 (Vulnerability in the Oracle Application Object Library 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10243 (Vulnerability in the Java SE, Java SE Embedded, JRockit 
component of ...)
        - openjdk-8 8u141-b15-1
        - openjdk-7 <removed>
@@ -6764,55 +6765,55 @@
        [jessie] - virtualbox <end-of-life> (DSA-3699-1)
        [wheezy] - virtualbox <end-of-life> (DSA 3454)
 CVE-2017-10234 (Vulnerability in the Solaris Cluster component of Oracle Sun 
Systems ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10233 (Vulnerability in the Oracle VM VirtualBox component of Oracle 
...)
        - virtualbox 5.1.24-dfsg-1
        [jessie] - virtualbox <end-of-life> (DSA-3699-1)
        [wheezy] - virtualbox <end-of-life> (DSA 3454)
 CVE-2017-10232 (Vulnerability in the Hospitality WebSuite8 Cloud Service 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10231 (Vulnerability in the Oracle Hospitality Cruise AffairWhere 
component ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10230 (Vulnerability in the Oracle Hospitality Cruise Dining Room 
Management ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10229 (Vulnerability in the Oracle Hospitality Cruise Materials 
Management ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10228 (Vulnerability in the Oracle Hospitality Cruise Shipboard 
Property ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10227
        RESERVED
 CVE-2017-10226 (Vulnerability in the Oracle Hospitality Cruise Fleet 
Management ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10225 (Vulnerability in the Oracle Hospitality RES 3700 component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10224 (Vulnerability in the Oracle Hospitality Inventory Management 
component ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10223 (Vulnerability in the Oracle Hospitality Materials Control 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10222 (Vulnerability in the Oracle Hospitality Materials Control 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10221 (Vulnerability in the Oracle Hospitality RES 3700 component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10220 (Vulnerability in the Hospitality Property Interfaces component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10219 (Vulnerability in the Oracle Hospitality Guest Access component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10218 (Vulnerability in the Oracle Hospitality Guest Access component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10217 (Vulnerability in the Oracle Hospitality Guest Access component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10216 (Vulnerability in the Hospitality Property Interfaces component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10215 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: PeopleSoft
 CVE-2017-10214 (Vulnerability in the Oracle Retail Xstore Point of Service 
component ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10213 (Vulnerability in the Hospitality Suite8 component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10212 (Vulnerability in the Hospitality Suite8 component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10211 (Vulnerability in the Hospitality Suite8 component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10210 (Vulnerability in the Oracle VM VirtualBox component of Oracle 
...)
        - virtualbox 5.1.24-dfsg-1
        [jessie] - virtualbox <end-of-life> (DSA-3699-1)
@@ -6822,13 +6823,13 @@
        [jessie] - virtualbox <end-of-life> (DSA-3699-1)
        [wheezy] - virtualbox <end-of-life> (DSA 3454)
 CVE-2017-10208 (Vulnerability in the Oracle Hospitality e7 component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10207 (Vulnerability in the Oracle Hospitality Simphony component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10206 (Vulnerability in the Oracle Hospitality Simphony component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10205 (Vulnerability in the Oracle Hospitality Simphony component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10204 (Vulnerability in the Oracle VM VirtualBox component of Oracle 
...)
        - virtualbox 5.1.24-dfsg-1
        [jessie] - virtualbox <end-of-life> (DSA-3699-1)
@@ -6836,13 +6837,13 @@
 CVE-2017-10203
        RESERVED
 CVE-2017-10202 (Vulnerability in the OJVM component of Oracle Database Server. 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10201 (Vulnerability in the Oracle Hospitality e7 component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10200 (Vulnerability in the Oracle Hospitality e7 component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10199 (Vulnerability in the Oracle iLearning component of Oracle 
iLearning ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10198 (Vulnerability in the Java SE, Java SE Embedded, JRockit 
component of ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
@@ -6852,9 +6853,9 @@
 CVE-2017-10197
        RESERVED
 CVE-2017-10196 (Vulnerability in the Oracle Outside In Technology component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10195 (Vulnerability in the Oracle Hospitality Simphony component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10194
        RESERVED
 CVE-2017-10193 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle ...)
@@ -6864,59 +6865,59 @@
        - openjdk-6 <removed>
        [wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10192 (Vulnerability in the Oracle iStore component of Oracle 
E-Business ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10191 (Vulnerability in the Oracle Web Analytics component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10190
        RESERVED
 CVE-2017-10189 (Vulnerability in the Hospitality Suite8 component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10188 (Vulnerability in the Hospitality Hotel Mobile component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10187 (Vulnerability in the Oracle VM VirtualBox component of Oracle 
...)
        - virtualbox 5.1.24-dfsg-1
        [jessie] - virtualbox <end-of-life> (DSA-3699-1)
        [wheezy] - virtualbox <end-of-life> (DSA 3454)
 CVE-2017-10186 (Vulnerability in the Oracle iStore component of Oracle 
E-Business ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10185 (Vulnerability in the Oracle CRM Technical Foundation component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10184 (Vulnerability in the Oracle Field Service component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10183 (Vulnerability in the Oracle Retail Xstore Point of Service 
component ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10182 (Vulnerability in the Oracle Hospitality OPERA 5 Property 
Services ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10181 (Vulnerability in the Oracle FLEXCUBE Direct Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10180 (Vulnerability in the Oracle CRM Technical Foundation component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10179 (Vulnerability in the Application Management Pack for Oracle 
E-Business ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10178 (Vulnerability in the Oracle WebLogic Server component of 
Oracle Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10177 (Vulnerability in the Oracle Application Object Library 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10176 (Vulnerability in the Java SE, Java SE Embedded, JRockit 
component of ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
        - openjdk-7 <removed>
 CVE-2017-10175 (Vulnerability in the Oracle iSupport component of Oracle 
E-Business ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10174 (Vulnerability in the Oracle iSupport component of Oracle 
E-Business ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10173 (Vulnerability in the Oracle Retail Open Commerce Platform 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10172 (Vulnerability in the Oracle Retail Open Commerce Platform 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10171 (Vulnerability in the Oracle Marketing component of Oracle 
E-Business ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10170 (Vulnerability in the Oracle Field Service component of Oracle 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10169 (Vulnerability in the Oracle Hospitality 9700 component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10168 (Vulnerability in the Hospitality Hotel Mobile component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10167
        RESERVED
 CVE-2017-10166
@@ -6932,15 +6933,15 @@
 CVE-2017-10161
        RESERVED
 CVE-2017-10160 (Vulnerability in the Primavera P6 Enterprise Project Portfolio 
...)
-       TODO: check
+       NOT-FOR-US: Primavera
 CVE-2017-10159
        RESERVED
 CVE-2017-10158
        RESERVED
 CVE-2017-10157 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10156 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10155
        RESERVED
 CVE-2017-10154
@@ -6953,25 +6954,25 @@
 CVE-2017-10151
        RESERVED
 CVE-2017-10150 (Vulnerability in the Primavera Unifier component of Oracle 
Primavera ...)
-       TODO: check
+       NOT-FOR-US: Primavera
 CVE-2017-10149 (Vulnerability in the Primavera Unifier component of Oracle 
Primavera ...)
-       TODO: check
+       NOT-FOR-US: Primavera
 CVE-2017-10148 (Vulnerability in the Oracle WebLogic Server component of 
Oracle Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10147 (Vulnerability in the Oracle WebLogic Server component of 
Oracle Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10146 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10145 (Vulnerability in the Java Advanced Management Console 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10144 (Vulnerability in the Oracle Applications Manager component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10143 (Vulnerability in the Oracle CRM Technical Foundation component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10142 (Vulnerability in the Oracle Hospitality Reporting and 
Analytics ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10141 (Vulnerability in the Oracle Outside In Technology component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10140
        RESERVED
 CVE-2017-10139
@@ -6979,9 +6980,9 @@
 CVE-2017-10138
        RESERVED
 CVE-2017-10137 (Vulnerability in the Oracle WebLogic Server component of 
Oracle Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10136 (Vulnerability in the Oracle Hospitality Simphony component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10135 (Vulnerability in the Java SE, Java SE Embedded, JRockit 
component of ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
@@ -6990,40 +6991,40 @@
        [wheezy] - openjdk-6 <end-of-life>
        NOTE: OpenJDK-8 upstream commit: 
http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/079cd6c5de27
 CVE-2017-10134 (Vulnerability in the PeopleSoft Enterprise FSCM component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10133 (Vulnerability in the Hospitality Hotel Mobile component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10132 (Vulnerability in the Hospitality Hotel Mobile component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10131 (Vulnerability in the Primavera P6 Enterprise Project Portfolio 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10130 (Vulnerability in the Oracle iStore component of Oracle 
E-Business ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10129 (Vulnerability in the Oracle VM VirtualBox component of Oracle 
...)
        - virtualbox 5.1.24-dfsg-1
        [jessie] - virtualbox <end-of-life> (DSA-3699-1)
        [wheezy] - virtualbox <end-of-life> (DSA 3454)
 CVE-2017-10128 (Vulnerability in the Hospitality WebSuite8 Cloud Service 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10127
        RESERVED
 CVE-2017-10126 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10125 (Vulnerability in the Java SE component of Oracle Java SE ...)
        - openjdk-8 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
        - openjdk-7 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
 CVE-2017-10124
        RESERVED
 CVE-2017-10123 (Vulnerability in the Oracle WebLogic Server component of 
Oracle Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10122 (Vulnerability in the Solaris component of Oracle Sun Systems 
Products ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10121 (Vulnerability in the Java Advanced Management Console 
component of ...)
        NOT-FOR-US: Java Advanced Management Console
 CVE-2017-10120 (Vulnerability in the RDBMS Security component of Oracle 
Database ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10119 (Vulnerability in the Oracle Service Bus component of Oracle 
Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10118 (Vulnerability in the Java SE, Java SE Embedded, JRockit 
component of ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
@@ -7045,9 +7046,9 @@
 CVE-2017-10114 (Vulnerability in the Java SE component of Oracle Java SE ...)
        - openjfx <unfixed> (bug #870860)
 CVE-2017-10113 (Vulnerability in the Oracle Common Applications component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10112 (Vulnerability in the Oracle iStore component of Oracle 
E-Business ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10111 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
@@ -7076,7 +7077,7 @@
        - openjdk-6 <removed>
        [wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10106 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10105 (Vulnerability in the Java SE component of Oracle Java SE ...)
        - openjdk-8 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
        - openjdk-7 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
@@ -7084,7 +7085,7 @@
 CVE-2017-10104 (Vulnerability in the Java Advanced Management Console 
component of ...)
        NOT-FOR-US: Java Advanced Management Console
 CVE-2017-10103 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10102 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
@@ -7098,13 +7099,13 @@
        - openjdk-6 <removed>
        [wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10100 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10099
        RESERVED
 CVE-2017-10098 (Vulnerability in the Oracle FLEXCUBE Universal Banking 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10097 (Vulnerability in the Oracle Hospitality Reporting and 
Analytics ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10096 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
@@ -7112,15 +7113,15 @@
        - openjdk-6 <removed>
        [wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10095 (Vulnerability in the Solaris component of Oracle Sun Systems 
Products ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10094 (Vulnerability in the Oracle Agile PLM component of Oracle 
Supply Chain ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10093 (Vulnerability in the Oracle Agile PLM component of Oracle 
Supply Chain ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10092 (Vulnerability in the Oracle Agile PLM component of Oracle 
Supply Chain ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10091 (Vulnerability in the Enterprise Manager Base Platform 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10090 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
@@ -7132,7 +7133,7 @@
        - openjdk-6 <removed>
        [wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10088 (Vulnerability in the Oracle Agile PLM component of Oracle 
Supply Chain ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10087 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
@@ -7142,13 +7143,13 @@
 CVE-2017-10086 (Vulnerability in the Java SE component of Oracle Java SE ...)
        - openjfx <unfixed> (bug #870860)
 CVE-2017-10085 (Vulnerability in the Oracle FLEXCUBE Universal Banking 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10084 (Vulnerability in the Oracle FLEXCUBE Universal Banking 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10083 (Vulnerability in the Oracle FLEXCUBE Universal Banking 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10082 (Vulnerability in the Oracle Agile PLM component of Oracle 
Supply Chain ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10081 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
@@ -7156,18 +7157,18 @@
        - openjdk-6 <removed>
        [wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10080 (Vulnerability in the Oracle Agile PLM component of Oracle 
Supply Chain ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10079 (Vulnerability in the Oracle Hospitality Suites Management 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10078 (Vulnerability in the Java SE component of Oracle Java SE ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
 CVE-2017-10077
        RESERVED
 CVE-2017-10076 (Vulnerability in the Oracle Hospitality Simphony First Edition 
Venue ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10075 (Vulnerability in the Oracle WebCenter Content component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10074 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle ...)
        {DSA-3919-1}
        - openjdk-8 8u141-b15-1
@@ -7175,15 +7176,15 @@
        - openjdk-6 <removed>
        [wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10073 (Vulnerability in the Oracle FLEXCUBE Universal Banking 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10072 (Vulnerability in the Oracle FLEXCUBE Universal Banking 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10071 (Vulnerability in the Oracle FLEXCUBE Universal Banking 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10070 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10069 (Vulnerability in the Oracle Payment Interface component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10068
        RESERVED
 CVE-2017-10067 (Vulnerability in the Java SE component of Oracle Java SE ...)
@@ -7197,23 +7198,23 @@
 CVE-2017-10065
        RESERVED
 CVE-2017-10064 (Vulnerability in the Hospitality WebSuite8 Cloud Service 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10063 (Vulnerability in the Oracle WebLogic Server component of 
Oracle Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10062 (Vulnerability in the Solaris component of Oracle Sun Systems 
Products ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10061 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10060
        RESERVED
 CVE-2017-10059 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10058 (Vulnerability in the Oracle Business Intelligence Enterprise 
Edition ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10057 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10056 (Vulnerability in the Oracle Hospitality 9700 component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10055
        RESERVED
 CVE-2017-10054
@@ -7225,111 +7226,111 @@
        - openjdk-6 <removed>
        [wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10052 (Vulnerability in the Oracle Agile PLM component of Oracle 
Supply Chain ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10051
        RESERVED
 CVE-2017-10050
        RESERVED
 CVE-2017-10049 (Vulnerability in the Siebel Core CRM component of Oracle 
Siebel CRM ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10048 (Vulnerability in the Oracle Enterprise Repository component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10047 (Vulnerability in the MICROS BellaVita component of Oracle 
Hospitality ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10046 (Vulnerability in the Primavera P6 Enterprise Project Portfolio 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10045 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10044 (Vulnerability in the Oracle Hospitality Reporting and 
Analytics ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10043 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10042 (Vulnerability in the Solaris component of Oracle Sun Systems 
Products ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10041 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10040 (Vulnerability in the Oracle WebCenter Content component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10039 (Vulnerability in the Oracle Agile PLM component of Oracle 
Supply Chain ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10038 (Vulnerability in the Primavera P6 Enterprise Project Portfolio 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10037
        RESERVED
 CVE-2017-10036 (Vulnerability in the Solaris component of Oracle Sun Systems 
Products ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10035 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10034
        RESERVED
 CVE-2017-10033
        RESERVED
 CVE-2017-10032 (Vulnerability in the Oracle Transportation Management 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10031 (Vulnerability in the Oracle Communications Convergence 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10030 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10029 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10028 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10027 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10026
        RESERVED
 CVE-2017-10025 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10024 (Vulnerability in the BI Publisher component of Oracle Fusion 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10023 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10022 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10021 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10020 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10019 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10018 (Vulnerability in the PeopleSoft Enterprise FSCM component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10017 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10016 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10015 (Vulnerability in the PeopleSoft Enterprise PeopleTools 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10014
        RESERVED
 CVE-2017-10013 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) 
component of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10012 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10011 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10010 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10009 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10008 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10007 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10006 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10005 (Vulnerability in the Oracle FLEXCUBE Private Banking component 
of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10004 (Vulnerability in the Solaris component of Oracle Sun Systems 
Products ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10003 (Vulnerability in the Solaris component of Oracle Sun Systems 
Products ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10002 (Vulnerability in the Oracle Hospitality Inventory Management 
component ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10001 (Vulnerability in the Oracle Hospitality Simphony First Edition 
...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-10000 (Vulnerability in the Oracle Hospitality Reporting and 
Analytics ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-9782 (JasPer 2.0.12 allows remote attackers to cause a denial of 
service ...)
        - jasper <removed>
        [jessie] - jasper <no-dsa> (Minor issue)
@@ -10578,6 +10579,7 @@
 CVE-2017-8798 (Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 
through ...)
        {DLA-949-1}
        - miniupnpc 1.9.20140610-3 (bug #862273)
+       [jessie] - miniupnpc <no-dsa> (Minor issue)
        NOTE: 
https://github.com/tintinweb/pub/blob/master/pocs/cve-2017-8798/Readme.md
        NOTE: Fixed by: 
https://github.com/miniupnp/miniupnp/commit/f0f1f4b22d6a98536377a1bb07e7c20e4703d229
 CVE-2017-8797 (The NFSv4 server in the Linux kernel before 4.11.3 does not 
properly ...)
@@ -26285,7 +26287,7 @@
        - mysql-5.7 <unfixed> (bug #868798)
        - mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 CVE-2017-3632 (Vulnerability in the Solaris component of Oracle Sun Systems 
Products ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-3631 (Vulnerability in the Solaris component of Oracle Sun Systems 
Products ...)
        NOT-FOR-US: Solaris
 CVE-2017-3630 (Vulnerability in the Solaris component of Oracle Sun Systems 
Products ...)
@@ -26448,7 +26450,7 @@
        [jessie] - virtualbox <end-of-life> (DSA-3699-1)
        [wheezy] - virtualbox <end-of-life> (DSA 3454)
 CVE-2017-3562 (Vulnerability in the Oracle Applications DBA component of 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2017-3561 (Vulnerability in the Oracle VM VirtualBox component of Oracle 
...)
        - virtualbox 5.1.20-dfsg-1
        [jessie] - virtualbox <end-of-life> (DSA-3699-1)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to