[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Tue, 05 Jun 2018 08:57:54 -0700

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d84ceecd by Moritz Muehlenhoff at 2018-06-05T17:56:37+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -37,7 +37,7 @@ CVE-2018-11719
 CVE-2018-11718
        RESERVED
 CVE-2017-18286 (nZEDb v0.7.3.3 has XSS in the 404 error page. ...)
-       TODO: check
+       NOT-FOR-US: nZEDb
 CVE-2016-1000352 (In the Bouncy Castle JCE Provider version 1.55 and earlier 
the ECIES ...)
        - bouncycastle 1.56-1
        NOTE: 
https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
@@ -13715,7 +13715,9 @@ CVE-2018-6554
 CVE-2018-6553
        RESERVED
 CVE-2018-6552 (Apport does not properly handle crashes originating from a PID 
...)
-       TODO: check
+       [experimental] - apport <unfixed>
+       NOTE: apport only in experimental, so we cannot track this in 
security-tracker
+       NOTE: add it, to have an explicit reference for apport if it ever 
enters unstable
 CVE-2018-6551 (The malloc implementation in the GNU C Library (aka glibc or 
libc6), ...)
        [experimental] - glibc 2.26.9000+20180127.7e23a7dd-0experimental0
        - glibc 2.27-1
@@ -21583,11 +21585,11 @@ CVE-2018-3759
 CVE-2018-3758
        RESERVED
 CVE-2018-3757 (Command injection exists in pdf-image v2.0.0 due to an 
unescaped ...)
-       TODO: check
+       NOT-FOR-US: node pdf-image
 CVE-2018-3756 (Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: Hyperledger Iroha
 CVE-2018-3755 (XSS in sexstatic &lt;=0.6.2 causes HTML injection in directory 
name(s) ...)
-       TODO: check
+       NOT-FOR-US: sexstatic
 CVE-2018-3754
        RESERVED
 CVE-2018-3753
@@ -35230,7 +35232,7 @@ CVE-2017-16155
 CVE-2017-16154
        RESERVED
 CVE-2017-16153 (gaoxuyan is vulnerable to a directory traversal issue, giving 
an ...)
-       TODO: check
+       NOT-FOR-US: gaoxuyan
 CVE-2017-16152
        RESERVED
 CVE-2017-16151



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d84ceecd60e949b1b2f9ce2bbea944fb7b1e3441

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d84ceecd60e949b1b2f9ce2bbea944fb7b1e3441
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to