Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
86143657 by Moritz Muehlenhoff at 2018-06-16T16:16:13+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1135,7 +1135,7 @@ CVE-2018-12032
CVE-2018-12031 (Local file inclusion in Eaton Intelligent Power Manager v1.6
allows an ...)
NOT-FOR-US: Eaton Intelligent Power Manager
CVE-2018-12030 (Chevereto Free before 1.0.13 has XSS. ...)
- TODO: check
+ NOT-FOR-US: Chevereto Free
CVE-2018-12029 [CHMOD race vulnerability]
RESERVED
- passenger <unfixed>
@@ -1158,7 +1158,7 @@ CVE-2018-12026
- ruby-passenger <not-affected> (Introduced in 5.3.0 with major
refactoring of SpawningKit)
NOTE:
https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
CVE-2018-12025 (The transferFrom function of a smart contract implementation
for ...)
- TODO: check
+ NOT-FOR-US: FuturXE
CVE-2018-12024
RESERVED
CVE-2018-12023
@@ -3239,11 +3239,11 @@ CVE-2018-11224 (An issue was discovered in Libav 12.3.
A read access violation i
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1129
TODO: check
CVE-2018-11223 (XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker
to ...)
- TODO: check
+ NOT-FOR-US: Pandora FMS
CVE-2018-11222 (Local File Inclusion (LFI) in Artica Pandora FMS through
version 7.23 ...)
- TODO: check
+ NOT-FOR-US: Pandora FMS
CVE-2018-11221 (Unauthenticated untrusted file upload in Artica Pandora FMS
through ...)
- TODO: check
+ NOT-FOR-US: Pandora FMS
CVE-2018-11220 (Bitmain Antminer D3, L3+, and S9 devices allow Remote Command
...)
NOT-FOR-US: Bitmain Antminer D3, L3+, and S9 devices
CVE-2018-11219 [integer overflow]
@@ -6589,7 +6589,7 @@ CVE-2018-9860 (An issue was discovered in Botan 1.11.32
through 2.x before 2.6.0
NOTE:
https://github.com/randombit/botan/commit/ec222c99719c396a1f4756b2ca345dbbfbeb5ed5
NOTE: Bug introduced in 1.11.32, fixed in 2.6.0
CVE-2018-9859 (The path of Whale update service was unquoted in NAVER Whale
before ...)
- TODO: check
+ NOT-FOR-US: Whale
CVE-2018-1000168 (nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0
contains an Improper ...)
- nghttp2 1.31.1-1 (low; bug #895566)
[stretch] - nghttp2 <no-dsa> (Minor issue)
@@ -37585,27 +37585,27 @@ CVE-2016-10634 (scala-standalone-bin is a Binary
wrapper for ScalaJS. ...)
CVE-2016-10633 (dwebp-bin is a dwebp node.js wrapper that convert WebP into
PNG. ...)
TODO: check
CVE-2016-10632 (apk-parser2 is a module which extracts Android Manifest info
from an ...)
- TODO: check
+ NOT-FOR-US: apk-parser2
CVE-2016-10631 (jvminstall is a module for downloading and unpacking jvm to
local ...)
- TODO: check
+ NOT-FOR-US: jvminstall
CVE-2016-10630 (install-g-test downloads resources over HTTP, which leaves it
...)
- TODO: check
+ NOT-FOR-US: install-g-test
CVE-2016-10629 (nw-with-arm is a NW Installer including ARM-Build. nw-with-arm
...)
- TODO: check
+ NOT-FOR-US: nw-with-arm
CVE-2016-10628 (selenium-wrapper is a selenium server wrapper, including
installation ...)
- TODO: check
+ NOT-FOR-US: selenium-wrapper
CVE-2016-10627 (scala-bin is a binary wrapper for Scala. scala-bin downloads
binary ...)
- TODO: check
+ NOT-FOR-US: scala-bin
CVE-2016-10626 (mystem3 is a NodeJS wrapper for the Yandex MyStem 3. mystem3
downloads ...)
- TODO: check
+ NOT-FOR-US: mystem3
CVE-2016-10625 (headless-browser-lite is a minimal npm installer for phantomjs
and ...)
- TODO: check
+ NOT-FOR-US: headless-browser-lite
CVE-2016-10624 (selenium-chromedriver is a simple utility for downloading the
Selenium ...)
- TODO: check
+ NOT-FOR-US: selenium-chromedriver
CVE-2016-10623 (macaca-chromedriver-zxa is a Node.js wrapper for the selenium
...)
- TODO: check
+ NOT-FOR-US: macaca-chromedriver-zxa
CVE-2016-10622 (nodeschnaps is a NodeJS compatibility layer for Java (Rhino).
...)
- TODO: check
+ NOT-FOR-US: nodeschnaps
CVE-2016-10621 (fibjs is a runtime for javascript applictions built on google
v8 JS. ...)
NOT-FOR-US: fibjs
CVE-2016-10620 (atom-node-module-installer installs node modules for
atom-shell ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/86143657fd0ed285acb394d34467ccabdd97ad39
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/86143657fd0ed285acb394d34467ccabdd97ad39
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
