Author: carnil
Date: 2017-11-15 21:18:11 +0000 (Wed, 15 Nov 2017)
New Revision: 57667
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-15 21:10:20 UTC (rev 57666)
+++ data/CVE/list 2017-11-15 21:18:11 UTC (rev 57667)
@@ -4118,13 +4118,13 @@
- mahara <removed>
NOTE: https://mahara.org/interaction/forum/topic.php?id=8081
CVE-2017-15272 (The PSFTPd 10.0.4 Build 729 server stores its configuration
inside ...)
- TODO: check
+ NOT-FOR-US: PSFTPd
CVE-2017-15271 (A use-after-free issue could be triggered remotely in the SFTP
...)
- TODO: check
+ NOT-FOR-US: PSFTPd
CVE-2017-15270 (The PSFTPd 10.0.4 Build 729 server does not properly escape
data ...)
- TODO: check
+ NOT-FOR-US: PSFTPd
CVE-2017-15269 (The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce
scans ...)
- TODO: check
+ NOT-FOR-US: PSFTPd
CVE-2017-15268 (Qemu through 2.10.0 allows remote attackers to cause a memory
leak by ...)
- qemu <unfixed> (bug #880836)
[stretch] - qemu <no-dsa> (Minor issue)
@@ -5105,7 +5105,7 @@
CVE-2017-14962
RESERVED
CVE-2017-14961 (In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains
an ...)
- TODO: check
+ NOT-FOR-US: IKARUS anti.virus
CVE-2017-14960
RESERVED
CVE-2017-14959
@@ -12031,9 +12031,9 @@
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6
CVE-2017-12634 (The camel-castor component in Apache Camel 2.x before 2.19.4
and ...)
- TODO: check
+ NOT-FOR-US: Apache Camel
CVE-2017-12633 (The camel-hessian component in Apache Camel 2.x before 2.19.4
and ...)
- TODO: check
+ NOT-FOR-US: Apache Camel
CVE-2017-12632
RESERVED
CVE-2017-12631
@@ -14007,29 +14007,29 @@
CVE-2017-11850 (Microsoft Graphics Component in Windows 8.1 and RT 8.1,
Windows Server ...)
NOT-FOR-US: Microsoft
CVE-2017-11849 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and
R2 SP1, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11848 (Internet Explorer in Microsoft Microsoft Windows 7 SP1,
Windows Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11847 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and
R2 SP1, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11846 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1,
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11845 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker
to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11844 (Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows
Server, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11843 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1,
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11842 (Windows kernel in Windows 8.1 and RT 8.1, Server 2012 and R2,
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11841 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607,
1703, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11840 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607,
1703, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11839 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709,
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11838 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1,
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-11837 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1,
Windows ...)
TODO: check
CVE-2017-11836 (ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold,
1511, ...)
@@ -21300,11 +21300,11 @@
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: Fixed by:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d68f0f778e7f4fbd674627274267f269e40f0b04
CVE-2017-9371 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and
6.5.0 ...)
- TODO: check
+ NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
CVE-2017-9370 (An information disclosure / elevation of privilege
vulnerability in ...)
NOT-FOR-US: BlackBerry
CVE-2017-9369 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and
6.5.0 ...)
- TODO: check
+ NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
CVE-2017-9368 (An information disclosure vulnerability in the BlackBerry
Workspaces ...)
NOT-FOR-US: BlackBerry Workspaces Server
CVE-2017-9367 (A directory traversal vulnerability in the BlackBerry
Workspaces ...)
@@ -38374,11 +38374,11 @@
CVE-2017-3894 (A stored cross site scripting vulnerability in the Management
Console ...)
NOT-FOR-US: BlackBerry
CVE-2017-3893 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0,
the ...)
- TODO: check
+ NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
CVE-2017-3892 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an
...)
- TODO: check
+ NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
CVE-2017-3891 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an
...)
- TODO: check
+ NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
CVE-2017-3890 (A reflected cross-site scripting vulnerability in the
BlackBerry ...)
NOT-FOR-US: BlackBerry
CVE-2017-3889 (A vulnerability in the web interface of the Cisco Registered
Envelope ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
