Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5ae52b51 by Salvatore Bonaccorso at 2018-09-14T07:48:52Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -81,7 +81,7 @@ CVE-2018-16987 (Squash TM through 1.18.0 presents the
cleartext passwords of ext
CVE-2018-16986
RESERVED
CVE-2018-16985 (In Lizard (formerly LZ5) 2.0, use of an invalid memory address
was ...)
- TODO: check
+ NOT-FOR-US: Lizard
CVE-2018-16984
RESERVED
CVE-2018-16983 (NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x
and other ...)
@@ -497,7 +497,7 @@ CVE-2018-16798
CVE-2018-16797 (A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer
1.7.8556 ...)
NOT-FOR-US: PotPlayer
CVE-2018-16796 (HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of
Files ...)
- TODO: check
+ NOT-FOR-US: HiScout GRC Suite
CVE-2018-16795
RESERVED
CVE-2018-16794
@@ -4102,7 +4102,7 @@ CVE-2018-15312
CVE-2018-15311
RESERVED
CVE-2018-15310 (A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-XXXX [libykneomgr memory corruption]
- libykneomgr <unfixed> (low; bug #906138)
[stretch] - libykneomgr <no-dsa> (Minor issue)
@@ -21887,9 +21887,9 @@ CVE-2018-8369
CVE-2018-8368
RESERVED
CVE-2018-8367 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8366 (An information disclosure vulnerability exists when the
Microsoft Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8365
RESERVED
CVE-2018-8364
@@ -21913,7 +21913,7 @@ CVE-2018-8356 (A security feature bypass vulnerability
exists when Microsoft .NE
CVE-2018-8355 (A remote code execution vulnerability exists in the way the
scripting ...)
NOT-FOR-US: Microsoft
CVE-2018-8354 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8353 (A remote code execution vulnerability exists in the way that
the ...)
NOT-FOR-US: Microsoft
CVE-2018-8352
@@ -21947,19 +21947,19 @@ CVE-2018-8339 (An elevation of privilege
vulnerability exists in the Windows ...
CVE-2018-8338
RESERVED
CVE-2018-8337 (A security feature bypass vulnerability exists when Windows
Subsystem ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8336 (An information disclosure vulnerability exists when the Windows
kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8335 (A denial of service vulnerability exists in the Microsoft
Server Block ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8334
RESERVED
CVE-2018-8333
RESERVED
CVE-2018-8332 (A remote code execution vulnerability exists when the Windows
font ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8331 (A remote code execution vulnerability exists in Microsoft Excel
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8330
RESERVED
CVE-2018-8329
@@ -21991,7 +21991,7 @@ CVE-2018-8317
CVE-2018-8316 (A remote code execution vulnerability exists when Internet
Explorer ...)
NOT-FOR-US: Microsoft
CVE-2018-8315 (An information disclosure vulnerability exists when the browser
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8314 (An elevation of privilege vulnerability exists when Windows
fails a ...)
NOT-FOR-US: Microsoft
CVE-2018-8313 (An elevation of privilege vulnerability exists in the way that
the ...)
@@ -22079,7 +22079,7 @@ CVE-2018-8273 (A buffer overflow vulnerability exists
in the Microsoft SQL Serve
CVE-2018-8272
RESERVED
CVE-2018-8271 (An information disclosure vulnerability exists in Windows when
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8270
RESERVED
CVE-2018-8269 (A denial of service vulnerability exists when OData Library
improperly ...)
@@ -30826,15 +30826,15 @@ CVE-2015-9247 (An issue was discovered in Skybox
Platform before 7.5.401. Reflec
CVE-2015-9246 (An issue was discovered in Skybox Platform before 7.5.201.
Remote ...)
NOT-FOR-US: Skybox Platform
CVE-2018-5549 (On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5548 (On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used
for ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5547 (Windows Logon Integration feature of F5 BIG-IP APM client prior
to ...)
NOT-FOR-US: F5 BIG-IP
CVE-2018-5546 (The svpn and policyserver components of the F5 BIG-IP APM
client prior ...)
NOT-FOR-US: F5 BIG-IP
CVE-2018-5545 (On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious,
authenticated ...)
- TODO: check
+ NOT-FOR-US: F5 WebSafe Alert Server
CVE-2018-5544 (When the F5 BIG-IP APM 13.0.0-13.1.1 or 12.1.0-12.1.3 renders
certain ...)
NOT-FOR-US: F5 BIG-IP
CVE-2018-5543 (The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0
(k8s-bigip-crtl) ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ae52b51de860d3983ac66136ec5b6e2047279c3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ae52b51de860d3983ac66136ec5b6e2047279c3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
