NFUs

joomla ITP git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@46190 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Moritz Muehlenhoff <jmm@debian.org> 2016-11-14 18:24:10 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2016-11-14 18:24:10 +0000
commit: 42afda471d545f1ccc0b62c22ae639ea6c112539 (patch)
tree: e726fab95bc0cdaa981082d769cd073d657a9c02 /data
parent: 3aaad4cf0d2b2c81fe4c29a124e4fbe58df58760 (diff)
2 files changed, 20 insertions, 20 deletions
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 8a8891ea6b..b769c17d5a 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -1,5 +1,5 @@
 CVE-2005-4900 (SHA-1 is not collision resistant, which makes it easier for ...)
-	TODO: check
+	NOT-FOR-US: Generic protocol issue
 CVE-2005-4899
 	RESERVED
 CVE-2005-4898
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 47176cd0c9..37ec5e4c8a 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -977,9 +977,9 @@ CVE-2016-8872
 CVE-2016-8871 (In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding ...)
 	- botan1.10 <not-affected> (Only affects 1.11.29 through 1.11.32)
 CVE-2016-8870 (The register method in the UsersModelRegistration class in ...)
-	TODO: check
+	- joomla <itp> (bug #571794)
 CVE-2016-8869 (The register method in the UsersModelRegistration class in ...)
-	TODO: check
+	- joomla <itp> (bug #571794)
 CVE-2016-8868
 	RESERVED
 CVE-2016-8867 (Docker Engine 1.12.2 enabled ambient capabilities with misconfigured ...)
@@ -1331,7 +1331,7 @@ CVE-2016-1000035
 CVE-2016-1000034
 	RESERVED
 CVE-2016-1000032 (TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a ...)
-	TODO: check
+	NOT-FOR-US: TGCaptcha2
 CVE-2016-8910 (The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka ...)
 	{DLA-698-1 DLA-689-1}
 	- qemu <unfixed> (bug #841955)
@@ -2083,17 +2083,17 @@ CVE-2016-8508
 CVE-2016-8507
 	RESERVED
 CVE-2016-8506 (XSS in Yandex Browser Translator in Yandex browser for desktop for ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8505 (XSS in Yandex Browser BookReader in Yandex browser for desktop for ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8504 (CSRF of synchronization form in Yandex Browser for desktop before ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8503 (Yandex Protect Anti-phishing warning in Yandex Browser for desktop ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8502 (Yandex Protect Anti-phishing warning in Yandex Browser for desktop ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8501 (Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser
 CVE-2016-8500
 	RESERVED
 CVE-2016-8499
@@ -2593,11 +2593,11 @@ CVE-2016-8337
 CVE-2016-8336
 	RESERVED
 CVE-2016-8335 (An exploitable stack based buffer overflow vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Iceni Argus
 CVE-2016-8334
 	RESERVED
 CVE-2016-8333 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Iceni Argus
 CVE-2016-8332 (A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution ...)
 	- openjpeg2 2.1.2-1
 	NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0193/
@@ -2679,17 +2679,17 @@ CVE-2016-8298
 CVE-2016-8297
 	RESERVED
 CVE-2016-8296 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8295 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8294 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8293 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8292 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8291 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2016-8290 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
 	- mysql-5.7 5.7.15-1
 	- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
@@ -3589,13 +3589,13 @@ CVE-2016-7966 [KMail: HTML injection in plain text viewer]
 	NOTE: https://www.kde.org/info/security/advisory-20161006-1.txt
 CVE-2016-7965 (DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the ...)
 	- dokuwiki <unfixed>
+	[jessie] - dokuwiki <no-dsa> (Minor issue)
 	NOTE: https://github.com/splitbrain/dokuwiki/issues/1709
-	TODO: check
 CVE-2016-7964 (The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php ...)
 	- dokuwiki <unfixed>
+	[jessie] - dokuwiki <no-dsa> (Minor issue)
 	[wheezy] - dokuwiki <no-dsa> (Minor issue)
 	NOTE: https://github.com/splitbrain/dokuwiki/issues/1708
-	TODO: check
 CVE-2016-7963
 	RESERVED
 CVE-2016-7962
author	Moritz Muehlenhoff <jmm@debian.org>	2016-11-14 18:24:10 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2016-11-14 18:24:10 +0000
commit	42afda471d545f1ccc0b62c22ae639ea6c112539 (patch)
tree	e726fab95bc0cdaa981082d769cd073d657a9c02 /data
parent	3aaad4cf0d2b2c81fe4c29a124e4fbe58df58760 (diff)