Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
30295648 by Moritz Muehlenhoff at 2018-10-24T20:47:36Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -460,7 +460,7 @@ CVE-2018-18444 (makeMultiView.cpp in exrmultiview in
OpenEXR 2.3.0 has an out-of
CVE-2018-18443 (OpenEXR 2.3.0 has a memory leak in ThreadPool in ...)
- openexr <unfixed>
NOTE: https://github.com/openexr/openexr/issues/350
- TODO: check, the issue seems not locaated in the (not-installed)
exrmultiview tool, but in library, but no upstream response yet
+ TODO: check, the issue seems not located in the (not-installed)
exrmultiview tool, but in library, but no upstream response yet
CVE-2018-18442
RESERVED
CVE-2018-18441
@@ -1821,7 +1821,7 @@ CVE-2018-17937
CVE-2018-17936
RESERVED
CVE-2018-17935 (All versions of Telecrane F25 Series Radio Controls before
00.0A use ...)
- TODO: check
+ NOT-FOR-US: Telecrane
CVE-2018-17934
RESERVED
CVE-2018-17933
@@ -7853,7 +7853,7 @@ CVE-2018-15444
CVE-2018-15443
RESERVED
CVE-2018-15442 (A vulnerability in the update service of Cisco Webex Meetings
Desktop ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15441
RESERVED
CVE-2018-15440
@@ -17041,7 +17041,7 @@ CVE-2018-1000182 (A server-side request forgery
vulnerability exists in Jenkins
CVE-2018-11805
RESERVED
CVE-2018-11804 (Spark's Apache Maven-based build includes a convenience
script, ...)
- TODO: check
+ NOT-FOR-US: Apache Spark
CVE-2018-11803
RESERVED
CVE-2018-11802
@@ -19175,7 +19175,7 @@ CVE-2018-11027 (A reflected XSS vulnerability on Ruckus
ICX7450-48 devices allow
CVE-2018-11026
RESERVED
CVE-2018-11025 (kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel
component in ...)
- TODO: check
+ NOT-FOR-US: kernel component on Amazon Fire
CVE-2018-11024 (kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel
component in ...)
NOT-FOR-US: kernel component on Amazon Fire
CVE-2018-11023 (kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel
component in ...)
@@ -45708,7 +45708,7 @@ CVE-2018-1543 (IBM WebSphere MQ 8.0 and 9.0 could allow
a remote attacker to obt
CVE-2018-1542 (IBM FileNet Content Manager, IBM Content Foundation, and IBM
Case ...)
NOT-FOR-US: IBM
CVE-2018-1541 (IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable
to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1540
RESERVED
CVE-2018-1539 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and
6.0 ...)
@@ -47981,7 +47981,6 @@ CVE-2018-1051 (It was found that the fix for
CVE-2016-9606 in versions 3.0.22 an
[jessie] - resteasy <not-affected> (Incomplete fix for CVE-2016-9606
wasn't backported)
- resteasy3.0 <not-affected> (Incomplete fix for CVE-2016-9606 not
applied)
NOTE: Removing deprecated YamlProvider was done in 4.0.0.Beta4
- TODO: check
CVE-2018-1050 (All versions of Samba from 4.0.0 onwards are vulnerable to a
denial of ...)
{DSA-4135-1 DLA-1320-1}
- samba 2:4.7.4+dfsg-2
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/30295648795aa99459cc761b4e48027a6156e01e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/30295648795aa99459cc761b4e48027a6156e01e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
