[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Sat, 14 Apr 2018 05:50:27 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3ad98196 by Salvatore Bonaccorso at 2018-04-14T07:21:17+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,5 +1,5 @@
 CVE-2018-10096 (joyplus-cms 1.6.0 has XSS via the device_name parameter in a 
...)
-       TODO: check
+       NOT-FOR-US: joyplus-cms
 CVE-2018-10095
        RESERVED
 CVE-2018-10094
@@ -58,7 +58,7 @@ CVE-2018-10068 (The jDownloads extension before 3.2.59 for 
Joomla! has XSS. ...)
 CVE-2018-10067
        RESERVED
 CVE-2018-10066 (An issue was discovered in MikroTik RouterOS 6.41.4. Missing 
OpenVPN ...)
-       TODO: check
+       NOT-FOR-US: MikroTik RouterOS
 CVE-2018-10065
        RESERVED
 CVE-2018-10064
@@ -8001,9 +8001,9 @@ CVE-2018-6961
 CVE-2018-6960
        RESERVED
 CVE-2018-6959 (VMware vRealize Automation (vRA) prior to 7.4.0 contains a ...)
-       TODO: check
+       NOT-FOR-US: VMware vRealize Automation
 CVE-2018-6958 (VMware vRealize Automation (vRA) prior to 7.3.1 contains a ...)
-       TODO: check
+       NOT-FOR-US: VMware vRealize Automation
 CVE-2018-6957 (VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x 
before ...)
        NOT-FOR-US: VMware
 CVE-2017-18188 (OpenRC opentmpfiles through 0.1.3, when the 
fs.protected_hardlinks ...)
@@ -9256,9 +9256,9 @@ CVE-2018-6548 (A use-after-free issue was discovered in 
libwebm through 2018-02-
        NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1493
        NOTE: 
https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md
 CVE-2018-6547 (plays_service.exe in the plays.tv service before 1.27.7.0, as 
...)
-       TODO: check
+       NOT-FOR-US: plays_service.exe in the plays.tv service
 CVE-2018-6546 (plays_service.exe in the plays.tv service before 1.27.7.0, as 
...)
-       TODO: check
+       NOT-FOR-US: plays_service.exe in the plays.tv service
 CVE-2018-6545 (Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site 
Scripting ...)
        NOT-FOR-US: Ipswitch MoveIt
 CVE-2018-6544 (pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 
could ...)
@@ -12248,17 +12248,17 @@ CVE-2018-5513
 CVE-2018-5512
        RESERVED
 CVE-2018-5511 (On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2018-5510 (On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management 
Microkernel ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2018-5509 (On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a 
specifically ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2018-5508 (On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 
11.6.0-11.6.2, ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2018-5507 (On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, 
or ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2018-5506 (In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 
11.2.1 ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2018-5505 (On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are 
both ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2018-5504 (In some circumstances, the Traffic Management Microkernel (TMM) 
does ...)
@@ -60760,13 +60760,13 @@ CVE-2017-6160 (In F5 BIG-IP AAM and PEM software 
version 12.0.0 to 12.1.1, 11.6.
 CVE-2017-6159 (F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link 
...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2017-6158 (In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 
11.2.1 ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2017-6157 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link 
...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2017-6156 (When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, 
or ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2017-6155 (On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 
11.4.1-11.5.5, or ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2017-6154 (On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 
11.6.1 - ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2017-6153
@@ -60780,7 +60780,7 @@ CVE-2017-6150 (Under certain conditions for F5 BIG-IP 
systems 13.0.0 or 12.1.0 -
 CVE-2017-6149
        RESERVED
 CVE-2017-6148 (Responses to SOCKS proxy requests made through F5 BIG-IP 
version ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2017-6147 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link 
Controller, ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2017-6146
@@ -60790,7 +60790,7 @@ CVE-2017-6145 (iControl REST in F5 BIG-IP LTM, AAM, 
AFM, Analytics, APM, ASM, DN
 CVE-2017-6144 (In F5 BIG-IP PEM 12.1.0 through 12.1.2 when downloading the 
Type ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2017-6143 (X509 certificate verification was not correctly implemented in 
the IP ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2017-6142 (X509 certificate verification was not correctly implemented in 
the ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2017-6141 (In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and 
...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3ad98196e88771bfa52dc01a721ff24fe34645c7

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3ad98196e88771bfa52dc01a721ff24fe34645c7
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to