[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Thu, 26 Apr 2018 01:24:58 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
55b2e766 by Salvatore Bonaccorso at 2018-04-26T10:24:11+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,13 +3,13 @@ CVE-2018-10427
 CVE-2018-10426
        RESERVED
 CVE-2018-10425 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 
...)
-       TODO: check
+       NOT-FOR-US: Shanghai 2345 Security Guard
 CVE-2018-10424 (mc-admin/post-edit.php in MiniCMS 1.10 allows full path 
disclosure via ...)
-       TODO: check
+       NOT-FOR-US: MiniCMS
 CVE-2018-10423 (mc-admin/post.php in MiniCMS 1.10 allows remote attackers to 
obtain a ...)
-       TODO: check
+       NOT-FOR-US: MiniCMS
 CVE-2018-10422 (An issue was discovered in HongCMS 3.0.0. The post news 
feature has ...)
-       TODO: check
+       NOT-FOR-US: HongCMS
 CVE-2018-10421
        RESERVED
 CVE-2018-10420
@@ -73,7 +73,7 @@ CVE-2018-10392 (mapping0_forward in mapping0.c in Xiph.Org 
libvorbis 1.3.6 does 
        - libvorbis <unfixed>
        NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2335
 CVE-2018-10391 (An issue was discovered in WUZHI CMS 4.1.0. There is XSS via 
the email ...)
-       TODO: check
+       NOT-FOR-US: WUZHI CMS
 CVE-2018-10390
        RESERVED
 CVE-2018-10389
@@ -93,7 +93,7 @@ CVE-2018-10383
 CVE-2018-10382
        RESERVED
 CVE-2018-10381 (TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege 
...)
-       TODO: check
+       NOT-FOR-US: TunnelBear for Windows
 CVE-2018-10380
        RESERVED
 CVE-2018-10379
@@ -3057,7 +3057,7 @@ CVE-2018-9115 (Systematic SitaWare 6.4 SP2 does not 
validate input from other so
 CVE-2018-9114
        RESERVED
 CVE-2018-9113 (Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 
allows ...)
-       TODO: check
+       NOT-FOR-US: Centers for Disease Control and Prevention MicrobeTRACE
 CVE-2018-9112
        RESERVED
 CVE-2018-9111
@@ -3075,13 +3075,13 @@ CVE-2018-9106 (CSV Injection (aka Excel Macro Injection 
or Formula Injection) ex
 CVE-2018-9105 (NordVPN 3.3.10 for macOS suffers from a root privilege 
escalation ...)
        NOT-FOR-US: NordVPN
 CVE-2018-9104 (A vulnerability in the conferencing component of Mitel MiVoice 
...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2018-9103 (A vulnerability in the conferencing component of Mitel MiVoice 
...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2018-9102 (A vulnerability in the conferencing component of Mitel MiVoice 
...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2018-9101 (A vulnerability in the conferencing component of Mitel MiVoice 
...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2018-9100
        RESERVED
 CVE-2018-9099
@@ -3393,7 +3393,7 @@ CVE-2018-8975 (The pm_mallocarray2 function in 
lib/util/mallocvar.c in Netpbm th
        - netpbm-free <not-affected> (Vulnerable code not present)
        NOTE: Debian uses an unaffected fork
 CVE-2018-8974 (Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 
allows ...)
-       TODO: check
+       NOT-FOR-US: Centers for Disease Control and Prevention MicrobeTRACE
 CVE-2018-8973 (OTCMS 3.20 allows XSS by adding a keyword or link to an 
article, as ...)
        NOT-FOR-US: OTCMS
 CVE-2018-8972 (Creditwest Bank CMS Project (aka CWCMS) through 2017-07-28 has 
CSRF in ...)
@@ -4173,7 +4173,7 @@ CVE-2017-18232 (The Serial Attached SCSI (SAS) 
implementation in the Linux kerne
 CVE-2018-8717 (joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an 
administrator ...)
        NOT-FOR-US: joyplus-cms
 CVE-2018-8716 (WSO2 Identity Server before 5.5.0 has XSS via the dashboard, 
allowing ...)
-       TODO: check
+       NOT-FOR-US: WSO2 Identity Server
 CVE-2018-8715 (The Embedthis HTTP library, and Appweb versions before 7.0.3, 
have a ...)
        NOT-FOR-US: Embedthis HTTP library / Appweb
 CVE-2018-8714
@@ -13293,7 +13293,7 @@ CVE-2018-5488
 CVE-2018-5487
        RESERVED
 CVE-2018-5486 (NetApp OnCommand Unified Manager for Linux versions 7.2 though 
7.3 ...)
-       TODO: check
+       NOT-FOR-US: NetApp OnCommand Unified Manager for Linux
 CVE-2018-5485
        RESERVED
 CVE-2018-5484



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/55b2e766a15836d748431521c50484a37a7627e0

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/55b2e766a15836d748431521c50484a37a7627e0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to