[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process more NFUs

Mon, 01 Jan 2018 03:10:48 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ebc69ed4 by Salvatore Bonaccorso at 2018-01-01T11:45:16+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -26,7 +26,7 @@ CVE-2017-18008 (In ImageMagick 7.0.7-17 Q16, there is a 
Memory Leak in ReadPWPIm
 CVE-2017-18007
        RESERVED
 CVE-2017-18006 (netpub/server.np in Extensis Portfolio NetPublish has XSS in 
the ...)
-       TODO: check
+       NOT-FOR-US: Extensis Portfolio NetPublish
 CVE-2017-18005 (Exiv2 0.26 has a Null Pointer Dereference in the ...)
        - exiv2 <unfixed> (bug #885981)
        [stretch] - exiv2 <no-dsa> (Minor issue)
@@ -34,13 +34,13 @@ CVE-2017-18005 (Exiv2 0.26 has a Null Pointer Dereference 
in the ...)
        NOTE: https://github.com/Exiv2/exiv2/issues/168
        NOTE: Fixed via: https://github.com/Exiv2/exiv2/pull/199
 CVE-2017-18004 (Zurmo 3.2.3 allows XSS via the latitude or longitude parameter 
to ...)
-       TODO: check
+       NOT-FOR-US: Zurmo
 CVE-2017-18003
        RESERVED
 CVE-2017-18002
        RESERVED
 CVE-2017-18001 (Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: Trustwave Secure Web Gateway
 CVE-2016-10704 (Magento Community Edition and Enterprise Edition before 2.0.10 
and ...)
        NOT-FOR-US: Magento
 CVE-2017-18000
@@ -1433,7 +1433,7 @@ CVE-2017-17706
 CVE-2017-17705
        RESERVED
 CVE-2017-17704 (A door-unlocking issue was discovered on Software House iStar 
Ultra ...)
-       TODO: check
+       NOT-FOR-US: Software House iStar Ultra devices
 CVE-2017-17703
        RESERVED
 CVE-2017-17702
@@ -13897,7 +13897,7 @@ CVE-2017-15888 (Cross-site scripting (XSS) 
vulnerability in Custom Internet Radi
 CVE-2017-15887 (An improper restriction of excessive authentication attempts 
...)
        NOT-FOR-US: Synology
 CVE-2017-15886 (Server-side request forgery (SSRF) vulnerability in Link 
Preview in ...)
-       TODO: check
+       NOT-FOR-US: Synology Chat
 CVE-2017-15885 (Reflected XSS in the web administration portal on the Axis 
2100 Network ...)
        NOT-FOR-US: Axis
 CVE-2017-15884 (In HashiCorp Vagrant VMware Fusion plugin (aka 
vagrant-vmware-fusion) ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ebc69ed421d7a2c9ad8000afe59a5b03e88f359d

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ebc69ed421d7a2c9ad8000afe59a5b03e88f359d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to