Author: carnil Date: 2017-11-15 21:18:11 +0000 (Wed, 15 Nov 2017) New Revision: 57667
Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-15 21:10:20 UTC (rev 57666) +++ data/CVE/list 2017-11-15 21:18:11 UTC (rev 57667) @@ -4118,13 +4118,13 @@ - mahara <removed> NOTE: https://mahara.org/interaction/forum/topic.php?id=8081 CVE-2017-15272 (The PSFTPd 10.0.4 Build 729 server stores its configuration inside ...) - TODO: check + NOT-FOR-US: PSFTPd CVE-2017-15271 (A use-after-free issue could be triggered remotely in the SFTP ...) - TODO: check + NOT-FOR-US: PSFTPd CVE-2017-15270 (The PSFTPd 10.0.4 Build 729 server does not properly escape data ...) - TODO: check + NOT-FOR-US: PSFTPd CVE-2017-15269 (The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans ...) - TODO: check + NOT-FOR-US: PSFTPd CVE-2017-15268 (Qemu through 2.10.0 allows remote attackers to cause a memory leak by ...) - qemu <unfixed> (bug #880836) [stretch] - qemu <no-dsa> (Minor issue) @@ -5105,7 +5105,7 @@ CVE-2017-14962 RESERVED CVE-2017-14961 (In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an ...) - TODO: check + NOT-FOR-US: IKARUS anti.virus CVE-2017-14960 RESERVED CVE-2017-14959 @@ -12031,9 +12031,9 @@ - couchdb <removed> NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6 CVE-2017-12634 (The camel-castor component in Apache Camel 2.x before 2.19.4 and ...) - TODO: check + NOT-FOR-US: Apache Camel CVE-2017-12633 (The camel-hessian component in Apache Camel 2.x before 2.19.4 and ...) - TODO: check + NOT-FOR-US: Apache Camel CVE-2017-12632 RESERVED CVE-2017-12631 @@ -14007,29 +14007,29 @@ CVE-2017-11850 (Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server ...) NOT-FOR-US: Microsoft CVE-2017-11849 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11848 (Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11847 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11846 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11845 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11844 (Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11843 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11842 (Windows kernel in Windows 8.1 and RT 8.1, Server 2012 and R2, Windows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11841 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11840 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11839 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11838 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-11837 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...) TODO: check CVE-2017-11836 (ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...) @@ -21300,11 +21300,11 @@ [wheezy] - qemu-kvm <no-dsa> (Minor issue) NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d68f0f778e7f4fbd674627274267f269e40f0b04 CVE-2017-9371 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 ...) - TODO: check + NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP) CVE-2017-9370 (An information disclosure / elevation of privilege vulnerability in ...) NOT-FOR-US: BlackBerry CVE-2017-9369 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 ...) - TODO: check + NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP) CVE-2017-9368 (An information disclosure vulnerability in the BlackBerry Workspaces ...) NOT-FOR-US: BlackBerry Workspaces Server CVE-2017-9367 (A directory traversal vulnerability in the BlackBerry Workspaces ...) @@ -38374,11 +38374,11 @@ CVE-2017-3894 (A stored cross site scripting vulnerability in the Management Console ...) NOT-FOR-US: BlackBerry CVE-2017-3893 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the ...) - TODO: check + NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP) CVE-2017-3892 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an ...) - TODO: check + NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP) CVE-2017-3891 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an ...) - TODO: check + NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP) CVE-2017-3890 (A reflected cross-site scripting vulnerability in the BlackBerry ...) NOT-FOR-US: BlackBerry CVE-2017-3889 (A vulnerability in the web interface of the Cisco Registered Envelope ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits