Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b383f63e by Moritz Muehlenhoff at 2018-04-27T11:12:41+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -512,7 +512,7 @@ CVE-2018-10239
CVE-2018-10238 (bvlc.c in skarg BACnet Protocol Stack 0.8.5 has a buffer
overflow in ...)
NOT-FOR-US: skarg BACnet Protocol Stack
CVE-2018-10237 (Unbounded memory allocation in Google Guava 11.0 through 24.x
before ...)
- TODO: check
+ NOT-FOR-US: Google Guava
CVE-2018-10236 (POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP
code via ...)
NOT-FOR-US: POSCMS
CVE-2018-10235 (POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP
code via ...)
@@ -17251,7 +17251,7 @@ CVE-2018-3857
CVE-2018-3856
RESERVED
CVE-2018-3855 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
- TODO: check
+ NOT-FOR-US: Hyland Perceptive Document Filters
CVE-2018-3854
RESERVED
CVE-2018-3853
@@ -17259,7 +17259,7 @@ CVE-2018-3853
CVE-2018-3852
RESERVED
CVE-2018-3851 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
- TODO: check
+ NOT-FOR-US: Hyland Perceptive Document Filters
CVE-2018-3850 (An exploitable use-after-free vulnerability exists in the
JavaScript ...)
NOT-FOR-US: Foxit PDF Reader
CVE-2018-3849 (In the ffghtb function in NASA CFITSIO 3.42, specially crafted
images ...)
@@ -17283,9 +17283,9 @@ CVE-2018-3846 (In the ffgphd and ffgtkn functions in
NASA CFITSIO 3.42, speciall
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0529
NOTE: Mitigated to a crash due to hardened build flags
CVE-2018-3845 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
- TODO: check
+ NOT-FOR-US: Hyland Perceptive Document Filters
CVE-2018-3844 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
- TODO: check
+ NOT-FOR-US: Hyland Perceptive Document Filters
CVE-2018-3843 (An exploitable type confusion vulnerability exists in the way
Foxit ...)
NOT-FOR-US: Foxit PDF Reader
CVE-2018-3842 (An exploitable use of an uninitialized pointer vulnerability
exists in ...)
@@ -45056,7 +45056,6 @@ CVE-2017-11593 (Cross-site scripting (XSS)
vulnerability in the Markdown Preview
CVE-2017-11592 (There is a Mismatched Memory Management Routines vulnerability
in the ...)
[experimental] - exiv2 <unfixed> (bug #895568)
- exiv2 <not-affected> (printTiffStructure introduced in 0.26)
- TODO: Report against experimental
NOTE: https://github.com/Exiv2/exiv2/issues/56
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473889
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1).
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b383f63e1b08970ee6b78c936bb4063196415249
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b383f63e1b08970ee6b78c936bb4063196415249
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
