NFUs

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@17437 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Federico Ceratto <federico.ceratto@gmail.com> 2011-10-16 19:04:00 +0000
committer: Federico Ceratto <federico.ceratto@gmail.com> 2011-10-16 19:04:00 +0000
commit: 368fb5f68e959f721c8165660c2f274e0e6c38e9 (patch)
tree: 1892e90fadaa44335586082403db00841ff5446d
parent: 00bfff8e3dea663c086a19b8b43145afe28c4939 (diff)
2 files changed, 62 insertions, 63 deletions
diff --git a/bin/apt-update-file b/bin/apt-update-file
index 4fdcc0d914..2c4c71df86 100755
--- a/bin/apt-update-file
+++ b/bin/apt-update-file
@@ -1,7 +1,6 @@
 #!/usr/bin/python
 
 # This script is mainly used to demo the updateFile function.
-
 import os
 import os.path
 import string
diff --git a/data/CVE/list b/data/CVE/list
index acba77656c..0b1b9fe56e 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -420,13 +420,13 @@ CVE-2011-3981 (PHP remote file inclusion vulnerability in actions.php in the ...
 CVE-2011-3980 (Unspecified vulnerability in the Drag Drop Mass Upload ...)
 	TODO: check
 CVE-2011-3979 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Zikula Application Framework
 CVE-2011-3978 (Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php ...)
-	TODO: check
+	NOT-FOR-US: LightNEasy
 CVE-2011-3977 (Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x ...)
 	TODO: check
 CVE-2011-3976 (Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP ...)
-	TODO: check
+	NOT-FOR-US: AmmSoft ScriptFTP
 CVE-2011-3975 (A certain HTC update for Android 2.3.4 build GRJ22, when the Sense ...)
 	NOT-FOR-US: HTC Android
 CVE-2011-3974 (Integer signedness error in the decode_residual_inter function in ...)
@@ -1034,27 +1034,27 @@ CVE-2011-3696 (60cycleCMS 2.5.2 allows remote attackers to obtain sensitive ...)
 CVE-2011-3695 (111WebCalendar 1.2.3 allows remote attackers to obtain sensitive ...)
 	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3694 (The Server Administration Console in NetSaro Enterprise Messenger ...)
-	TODO: check
+	NOT-FOR-US: NetSaro Enterprise Messenger
 CVE-2011-3693 (NetSaro Enterprise Messenger Server 2.0 allows local users to discover ...)
-	TODO: check
+	NOT-FOR-US: NetSaro Enterprise Messenger
 CVE-2011-3692 (NetSaro Enterprise Messenger Server 2.0 stores cleartext console ...)
-	TODO: check
+	NOT-FOR-US: NetSaro Enterprise Messenger
 CVE-2011-3691 (Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2011-3690 (Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 ...)
-	TODO: check
+	NOT-FOR-US: PlotSoft PDFill PDF Editor
 CVE-2011-3689 (Cross-site scripting (XSS) vulnerability in Licenses.html in ...)
-	TODO: check
+	NOT-FOR-US: Wibu-Systems CodeMeter WebAdmin
 CVE-2011-3688 (Multiple SQL injection vulnerabilities in Sonexis ConferenceManager ...)
-	TODO: check
+	NOT-FOR-US: Sonexis ConferenceManager
 CVE-2011-3687 (Multiple cross-site scripting (XSS) vulnerabilities in Sonexis ...)
-	TODO: check
+	NOT-FOR-US: Sonexis ConferenceManager
 CVE-2011-3686 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: Sonexis ConferenceManager
 CVE-2011-3685 (Tembria Server Monitor before 6.0.5 Build 2252 uses a substitution ...)
-	TODO: check
+	NOT-FOR-US: Tembria Server Monitor
 CVE-2011-3684 (Multiple cross-site scripting (XSS) vulnerabilities in Tembria Server ...)
-	TODO: check
+	NOT-FOR-US: Tembria Server Monitor
 CVE-2011-3683
 	RESERVED
 CVE-2011-3682
@@ -1132,7 +1132,7 @@ CVE-2011-3647
 CVE-2011-3646
 	RESERVED
 CVE-2011-3645 (Newgen OmniDocs allows remote attackers to bypass intended access ...)
-	TODO: check
+	NOT-FOR-US: Newgen OmniDocs
 CVE-2010-4841 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
 	TODO: check
 CVE-2010-4840 (Multiple buffer overflows in the Syslog server in ManageEngine ...)
@@ -1623,29 +1623,29 @@ CVE-2011-3439
 CVE-2011-3438
 	RESERVED
 CVE-2011-3437 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
-	TODO: check
+	NOT-FOR-US: Apple Type Services (ATS) in Apple Mac OS
 CVE-2011-3436 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a ...)
-	TODO: check
+	NOT-FOR-US: Open Directory in Apple Mac OS
 CVE-2011-3435 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users ...)
-	TODO: check
+	NOT-FOR-US: Open Directory in Apple Mac OS
 CVE-2011-3434 (The WiFi component in Apple iOS before 5 stores WiFi credentials in an ...)
-	TODO: check
+	NOT-FOR-US: WiFi component in Apple iOS
 CVE-2011-3433
 	RESERVED
 CVE-2011-3432 (The UIKit Alerts component in Apple iOS before 5 allows remote ...)
-	TODO: check
+	NOT-FOR-US: UIKit Alerts component in Apple iOS
 CVE-2011-3431 (The Home screen component in Apple iOS before 5 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Home screen component in Apple iOS
 CVE-2011-3430 (The Settings component in Apple iOS before 5, when a configuration ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3429 (The Settings component in Apple iOS before 5 stores a cleartext ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3428
 	RESERVED
 CVE-2011-3427 (The Data Security component in Apple iOS before 5 and Apple TV before ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3426 (Cross-site scripting (XSS) vulnerability in Safari in Apple iOS before ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3425
 	RESERVED
 CVE-2011-3424 (Session fixation vulnerability in the Managed File Transfer server in ...)
@@ -2030,25 +2030,25 @@ CVE-2011-3307
 CVE-2011-3306
 	RESERVED
 CVE-2011-3305 (Directory traversal vulnerability in Cisco Network Admission Control ...)
-	TODO: check
+	NOT-FOR-US: Cisco Network Admission Control
 CVE-2011-3304 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3303 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3302 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3301 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3300 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3299 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3298 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3297 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3296 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3295
 	RESERVED
 CVE-2011-3294
@@ -2060,13 +2060,13 @@ CVE-2011-3292
 CVE-2011-3291
 	RESERVED
 CVE-2011-3290 (Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3289
 	RESERVED
 CVE-2011-3288 (Cisco Unified Presence before 8.5(4) does not properly detect ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3287 (Cisco Jabber Extensible Communications Platform (aka Jabber XCP) 2.x ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3286
 	RESERVED
 CVE-2011-3285
@@ -2076,31 +2076,31 @@ CVE-2011-3284
 CVE-2011-3283
 	RESERVED
 CVE-2011-3282 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3281 (Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3280 (Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3279 (The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3278 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3277 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3276 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3275 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3274 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3273 (Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3272 (The IP Service Level Agreement (IP SLA) functionality in Cisco IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3271 (Unspecified vulnerability in the Smart Install functionality in Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3270 (Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3269
 	RESERVED
 CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7 allows ...)
@@ -2133,25 +2133,25 @@ CVE-2011-3262 (tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1
 	- xen 4.1.1-1
 	- xen-3 <removed>
 CVE-2011-3261 (Double free vulnerability in OfficeImport in Apple iOS before 5 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3260 (Buffer overflow in OfficeImport in Apple iOS before 5 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3259 (The kernel in Apple iOS before 5 and Apple TV before 4.4 does not ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3258
 	RESERVED
 CVE-2011-3257 (The Data Access component in Apple iOS before 5 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3256 (FreeType in CoreGraphics in Apple iOS before 5 allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3255 (CFNetwork in Apple iOS before 5 stores AppleID credentials in an ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3254 (Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3253 (CalDAV in Apple iOS before 5 does not validate X.509 certificates for ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3252 (Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes
 CVE-2011-3251
 	RESERVED
 CVE-2011-3250
@@ -2163,9 +2163,9 @@ CVE-2011-3248
 CVE-2011-3247
 	RESERVED
 CVE-2011-3246 (CFNetwork in Apple iOS before 5 and Mac OS X 10.7 before 10.7.2 does ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3245 (The Keyboards component in Apple iOS before 5 displays the final ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-3244 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
 	- chromium-browser <undetermined>
 	- webkit <undetermined>
author	Federico Ceratto <federico.ceratto@gmail.com>	2011-10-16 19:04:00 +0000
committer	Federico Ceratto <federico.ceratto@gmail.com>	2011-10-16 19:04:00 +0000
commit	368fb5f68e959f721c8165660c2f274e0e6c38e9 (patch)
tree	1892e90fadaa44335586082403db00841ff5446d
parent	00bfff8e3dea663c086a19b8b43145afe28c4939 (diff)