[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3185c16a by Salvatore Bonaccorso at 2018-04-08T09:07:36+02:00 Process NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -1048,7 +1048,7 @@ CVE-2016-10720 CVE-2016-10719 RESERVED CVE-2018-9330 (register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by ...) - TODO: check + NOT-FOR-US: Coremail XT3.0 CVE-2018-9329 (The Bitdefender Antivirus 6.2.19.890 component, as configured for AV ...) NOT-FOR-US: Bitdefender Antivirus CVE-2018-9328 (PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via the ter_from ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3185c16a02d49717c5b91a2fa9c1b8f5dd748532 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3185c16a02d49717c5b91a2fa9c1b8f5dd748532 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 98f0731f by Salvatore Bonaccorso at 2018-03-18T16:44:01+01:00 Process NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -5,7 +5,7 @@ CVE-2018-8772 CVE-2018-8771 RESERVED CVE-2018-8770 (Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via ...) - TODO: check + NOT-FOR-US: Western Bridge Cobub Razor CVE-2018-8769 (elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name ...) TODO: check CVE-2018-8767 (joyplus-cms 1.6.0 has XSS in ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/98f0731fe66b399c86a7a5ed3156ee3ef7d6aec5 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/98f0731fe66b399c86a7a5ed3156ee3ef7d6aec5 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 9c3b768b by Salvatore Bonaccorso at 2018-03-15T22:17:51+01:00 Process NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -1,7 +1,7 @@ CVE-2018-8730 RESERVED CVE-2018-8729 (Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log ...) - TODO: check + NOT-FOR-US: Activity Log plugin for WordPress CVE-2018-8728 (server/app/views/static/code.html in Kontena before 1.5.0 allows XSS in ...) TODO: check CVE-2018-8727 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9c3b768bf8262c0916b4a9162f23fb6c0991a49d --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9c3b768bf8262c0916b4a9162f23fb6c0991a49d You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f83ca021 by Salvatore Bonaccorso at 2018-03-02T10:48:35+01:00 Process NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -106,7 +106,7 @@ CVE-2018-7587 (An issue was discovered in CImg v.220. DoS occurs when loading a CVE-2018-7586 (In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery ...) NOT-FOR-US: nextgen-gallery plugin for WordPress CVE-2017-18212 (An issue was discovered in JerryScript 1.0. There is a heap-based ...) - TODO: check + NOT-FOR-US: JerryScript CVE-2018-7585 RESERVED CVE-2018-7584 (In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f83ca021faa897e06b1e77417a9e19b379127193 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f83ca021faa897e06b1e77417a9e19b379127193 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 46ebb21e by Salvatore Bonaccorso at 2018-01-20T10:14:04+01:00 Process NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -22118,7 +22118,7 @@ CVE-2017-14804 [build: Exploit extractbuild to write to files in the host system - obs-build (bug #887306) NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1069904 CVE-2017-14803 (In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server ...) - TODO: check + NOT-FOR-US: NetIQ Access Manager CVE-2017-14802 RESERVED CVE-2017-14801 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/46ebb21e443f1e432689b5e65db1d1c375cd363e --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/46ebb21e443f1e432689b5e65db1d1c375cd363e You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fed11f34 by Salvatore Bonaccorso at 2018-01-16T22:31:16+01:00
Process NFU
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -9,11 +9,11 @@ CVE-2018-5717
CVE-2018-5716
RESERVED
CVE-2018-5715 (phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in
the query ...)
- TODO: check
+ NOT-FOR-US: SugarCRM
CVE-2018-5714 (In Malwarefox Anti-Malware 2.72.169, the driver file
(zam64.sys) allows ...)
- TODO: check
+ NOT-FOR-US: Malwarefox Anti-Malware
CVE-2018-5713 (In Malwarefox Anti-Malware 2.72.169, the driver file
(zam64.sys) allows ...)
- TODO: check
+ NOT-FOR-US: Malwarefox Anti-Malware
CVE-2018-5712 (An issue was discovered in PHP before 5.6.33, 7.0.x before
7.0.27, ...)
- php7.1 7.1.13-1
- php7.0 7.0.27-1
@@ -40,7 +40,7 @@ CVE-2018-5708
CVE-2018-5707
RESERVED
CVE-2018-5706 (An issue was discovered in Octopus Deploy before 4.1.9. Any
user with ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2018-5705
RESERVED
CVE-2018-103
@@ -53,7 +53,7 @@ CVE-2018-5703 (The tcp_v6_syn_recv_sock function in
net/ipv6/tcp_ipv6.c in the L
- linux
NOTE: https://lkml.org/lkml/2018/1/16/53
CVE-2017-18032 (The download-manager plugin before 2.9.52 for WordPress has
XSS via the ...)
- TODO: check
+ NOT-FOR-US: download-manager plugin for WordPress
CVE-2018-5701
RESERVED
CVE-2018-5700 (Winmail Server through 6.2 allows remote code execution by ...)
@@ -781,7 +781,7 @@ CVE-2018-5372 (The Testimonial Slider plugin through 1.2.4
for WordPress has SQL
CVE-2018-5371 (diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00
and ...)
NOT-FOR-US: D-Link
CVE-2018-5370 (BizLogic xnami 1.0 has XSS via the comment parameter in an
addComment ...)
- TODO: check
+ NOT-FOR-US: BizLogic xnami
CVE-2018-5369 (The SrbTransLatin plugin 1.46 for WordPress has XSS via an ...)
NOT-FOR-US: SrbTransLatin plugin for WordPress
CVE-2018-5368 (The SrbTransLatin plugin 1.46 for WordPress has CSRF via an ...)
@@ -906,7 +906,7 @@ CVE-2017-1000439
CVE-2018-5331 (Discuz! DiscuzX X3.4 has XSS via the view parameter to ...)
NOT-FOR-US: Discuz!
CVE-2018-5330 (ZyXEL P-660HW v3 devices allow remote attackers to cause a
denial of ...)
- TODO: check
+ NOT-FOR-US: ZyXEL
CVE-2018-5329 (ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to
Cross-Site ...)
NOT-FOR-US: ZUUSE BEIMS ContractorWeb .NET
CVE-2018-5328 (ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to
various ...)
@@ -11245,7 +11245,7 @@ CVE-2017-17431 (GeniXCMS 1.1.5 has XSS via the from,
id, lang, menuid, mod, q, s
CVE-2017-17430 (Sangoma NetBorder / Vega Session Controller before
2.3.12-80-GA allows ...)
NOT-FOR-US: Sangoma NetBorder / Vega Session Controller
CVE-2017-17429 (In K7 Antivirus Premium before 15.1.0.53, user-controlled
input to the ...)
- TODO: check
+ NOT-FOR-US: K7 Antivirus
CVE-2017-17428
RESERVED
NOT-FOR-US: Cisco ACE
@@ -16153,23 +16153,23 @@ CVE-2017-16559
CVE-2017-16558
RESERVED
CVE-2017-16557 (K7 Antivirus Premium before 15.1.0.53 allows local users to
gain ...)
- TODO: check
+ NOT-FOR-US: K7 Antivirus
CVE-2017-16556 (In K7 Antivirus Premium before 15.1.0.53, user-controlled
input can be ...)
- TODO: check
+ NOT-FOR-US: K7 Antivirus
CVE-2017-16555 (K7 Antivirus Premium before 15.1.0.53 allows local users to
gain ...)
- TODO: check
+ NOT-FOR-US: K7 Antivirus
CVE-2017-16554 (K7 Antivirus Premium before 15.1.0.53 allows local users to
write to ...)
- TODO: check
+ NOT-FOR-US: K7 Antivirus
CVE-2017-16553 (K7 Antivirus Premium before 15.1.0.53 allows local users to
gain ...)
- TODO: check
+ NOT-FOR-US: K7 Antivirus
CVE-2017-16552 (K7 Antivirus Premium before 15.1.0.53 allows local users to
write to ...)
- TODO: check
+ NOT-FOR-US: K7 Antivirus
CVE-2017-16551 (K7 Antivirus Premium before 15.1.0.53 allows local users to
gain ...)
- TODO: check
+ NOT-FOR-US: K7 Antivirus
CVE-2017-16550 (K7 Antivirus Premium before 15.1.0.53 allows local users to
write to ...)
- TODO: check
+ NOT-FOR-US: K7 Antivirus
CVE-2017-16549 (K7 Antivirus Premium before 15.1.0.53 allows local users to
write to ...)
- TODO: check
+ NOT-FOR-US: K7 Antivirus
CVE-2017-16548 (The receive_xattr function in xattrs.c in rsync 3.1.2 and ...)
{DSA-4068-1 DLA-1218-1}
- rsync 3.1.2-2.1 (bug #880954)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fed11f3410f763d180c33d349b15ce8e34a776c3
---
View it on GitLab:
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 099d23c7 by Salvatore Bonaccorso at 2018-01-15T22:11:38+01:00 Process NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -476,7 +476,7 @@ CVE-2018-5481 CVE-2018-5480 RESERVED CVE-2018-5479 (FoxSash ImgHosting 1.5 (according to footer information) is vulnerable ...) - TODO: check + NOT-FOR-US: FoxSash ImgHosting CVE-2018-5478 RESERVED CVE-2018-5477 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/099d23c78f1096c4c82c433b66760c2c0da30f32 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/099d23c78f1096c4c82c433b66760c2c0da30f32 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
