[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Fri, 09 Feb 2018 01:44:08 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2a8a2ef5 by Salvatore Bonaccorso at 2018-02-09T10:43:16+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -64428,7 +64428,7 @@ CVE-2017-1787
 CVE-2017-1786
        RESERVED
 CVE-2017-1785 (IBM API Connect 5.0.7 and 5.0.8 could allow an authenticated 
remote ...)
-       TODO: check
+       NOT-FOR-US: IBM API Connect
 CVE-2017-1784 (IBM Cognos Analytics 11.0 could produce results in temporary 
files ...)
        NOT-FOR-US: IBM Cognos Analytics
 CVE-2017-1783 (IBM Cognos Analytics 11.0 could allow a local user to change 
...)
@@ -64614,7 +64614,7 @@ CVE-2017-1694 (IBM Integration Bus 9.0 and 10.0 
transmits user credentials in pl
 CVE-2017-1693 (IBM Integration Bus 9.0 and 10.0 could allow an attacker that 
has ...)
        NOT-FOR-US: IBM Integration Bus
 CVE-2017-1692 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: IBM AIX
 CVE-2017-1691
        RESERVED
 CVE-2017-1690
@@ -79856,9 +79856,9 @@ CVE-2016-6175 (Eval injection vulnerability in 
php-gettext 1.0.12 and earlier al
 CVE-2016-6174 (applications/core/modules/front/system/content.php in Invision 
Power ...)
        NOT-FOR-US: Inivision
 CVE-2016-6169 (Heap-based buffer overflow in Foxit Reader and PhantomPDF 
7.3.4.311 ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2016-6168 (Use-after-free vulnerability in Foxit Reader and PhantomPDF 
7.3.4.311 ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2016-6167 (Multiple untrusted search path vulnerabilities in Putty beta 
0.67 ...)
        - putty <not-affected> (Windows-specific)
 CVE-2016-6166
@@ -117790,7 +117790,7 @@ CVE-2015-2749 (Open redirect vulnerability in Drupal 
6.x before 6.35 and 7.x bef
        NOTE: https://www.drupal.org/SA-CORE-2015-001
        NOTE: http://www.openwall.com/lists/oss-security/2015/03/19/5
 CVE-2015-2329 (Cross-site scripting (XSS) vulnerability in the WooCommerce 
plugin ...)
-       TODO: check
+       NOT-FOR-US: WooCommerce plugin for WordPress
 CVE-2015-2328 (PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and 
related ...)
        - mongodb <unfixed> (unimportant)
        NOTE: CVE for bundled version of pcre3 in mongodb
@@ -178851,7 +178851,7 @@ CVE-2012-3333 (CRLF injection vulnerability in IBM 
Maximo Asset Management 7.x b
 CVE-2012-3332
        RESERVED
 CVE-2012-3331 (IBM Sametime allows remote attackers to obtain sensitive 
information ...)
-       TODO: check
+       NOT-FOR-US: IBM Sametime
 CVE-2012-3330 (The proxy server in IBM WebSphere Application Server 7.0 before 
...)
        NOT-FOR-US: IBM WebSphere Application Server
 CVE-2012-3329 (IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 
through 9.21 ...)
@@ -181793,7 +181793,7 @@ CVE-2012-2168 (IBM Rational ClearQuest 7.1.x before 
7.1.2.7 and 8.x before 8.0.0
 CVE-2012-2167 (The IBM XIV Storage System Gen3 before 11.1.0.a allows remote 
...)
        NOT-FOR-US: IBM XIV Storage System Gen3
 CVE-2012-2166 (IBM XIV Storage System 2810-A14 and 2812-A14 devices before 
level ...)
-       TODO: check
+       NOT-FOR-US: IBM XIV Storage System
 CVE-2012-2165 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 
8.0.0.3, ...)
        NOT-FOR-US: IBM Rational ClearQuest
 CVE-2012-2164 (The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 
and 8.x ...)
@@ -187210,7 +187210,7 @@ CVE-2011-4891
 CVE-2011-4890 (The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 
allows ...)
        NOT-FOR-US: IBM solidDB
 CVE-2011-4889 (The javax.naming.directory.AttributeInUseException class in the 
...)
-       TODO: check
+       NOT-FOR-US: IBM WebSphere Application Server
 CVE-2011-4888
        RESERVED
 CVE-2011-4887 (Cross-site scripting (XSS) vulnerability in the Violations 
Table in ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2a8a2ef5c906b638d208a64aa168e0d037bd9dc3

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2a8a2ef5c906b638d208a64aa168e0d037bd9dc3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to