[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Fri, 19 Jan 2018 13:17:39 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1b62055e by Salvatore Bonaccorso at 2018-01-19T22:16:49+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -10516,7 +10516,7 @@ CVE-2018-1364
 CVE-2018-1363
        RESERVED
 CVE-2018-1362 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 
7.0.1 ...)
-       TODO: check
+       NOT-FOR-US: IBM Curam Social Program Management
 CVE-2018-1361 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site 
...)
        NOT-FOR-US: IBM WebSphere Portal
 CVE-2017-17684 (Panda Global Protection 17.0.1 allows a system crash via a 
0xb3702c04 ...)
@@ -23949,13 +23949,13 @@ CVE-2017-14102 (MIMEDefang 2.80 and earlier creates a 
PID file after dropping ..
 CVE-2017-14101 (A security researcher found an XML External Entity (XXE) 
vulnerability ...)
        NOT-FOR-US: Conserus Image Repository
 CVE-2017-14097 (An improper access control vulnerability in Trend Micro Smart 
...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2017-14096 (A stored cross site scripting (XSS) vulnerability in Trend 
Micro Smart ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2017-14095 (A vulnerability in Trend Micro Smart Protection Server 
(Standalone) ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2017-14094 (A vulnerability in Trend Micro Smart Protection Server 
(Standalone) ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2017-14093 (The Log Query and Quarantine Query pages in Trend Micro 
ScanMail for ...)
        NOT-FOR-US: Trend Micro ScanMail for Exchange
 CVE-2017-14092 (The absence of Anti-CSRF tokens in Trend Micro ScanMail for 
Exchange ...)
@@ -23979,7 +23979,7 @@ CVE-2017-14084 (A potential Man-in-the-Middle (MitM) 
attack vulnerability in Tre
 CVE-2017-14083 (A vulnerability in Trend Micro OfficeScan 11.0 and XG allows 
remote ...)
        NOT-FOR-US: Trend Micro
 CVE-2017-14082 (An uninitialized pointer information disclosure vulnerability 
in Trend ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2017-14081 (Proxy command injection vulnerabilities in Trend Micro Mobile 
Security ...)
        NOT-FOR-US: Trend Micro Mobile Security
 CVE-2017-14080 (Authentication bypass vulnerability in Trend Micro Mobile 
Security ...)
@@ -31844,7 +31844,7 @@ CVE-2017-11399 (Integer overflow in the 
ape_decode_frame function in ...)
        NOTE: 
https://github.com/FFmpeg/FFmpeg/commit/ba4beaf6149f7241c8bd85fe853318c2f6837ad0
        NOTE: Fixed in 3.2.7
 CVE-2017-11398 (A session hijacking via log disclosure vulnerability in Trend 
Micro ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2017-11397 (A service DLL preloading vulnerability in Trend Micro 
Encryption for ...)
        NOT-FOR-US: Trend Micro
 CVE-2017-11396 (Vulnerability issues with the web service inspection of input 
...)
@@ -61189,7 +61189,7 @@ CVE-2017-1695
 CVE-2017-1694 (IBM Integration Bus 9.0 and 10.0 transmits user credentials in 
plain ...)
        NOT-FOR-US: IBM Integration Bus
 CVE-2017-1693 (IBM Integration Bus 9.0 and 10.0 could allow an attacker that 
has ...)
-       TODO: check
+       NOT-FOR-US: IBM Integration Bus
 CVE-2017-1692
        RESERVED
 CVE-2017-1691
@@ -99846,11 +99846,11 @@ CVE-2015-7488 (IBM Spectrum Scale 4.1.1.x before 
4.1.1.4 and 4.2.x before 4.2.0.
 CVE-2015-7487 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 
7.5.0.9 ...)
        NOT-FOR-US: IBM
 CVE-2015-7486 (Cross-site scripting (XSS) vulnerability in IBM Rational 
Engineering ...)
-       TODO: check
+       NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
 CVE-2015-7485 (Cross-site scripting (XSS) vulnerability in IBM Rational 
Engineering ...)
-       TODO: check
+       NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
 CVE-2015-7484 (IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 
iFix7 ...)
-       TODO: check
+       NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
 CVE-2015-7483
        RESERVED
 CVE-2015-7482
@@ -99870,7 +99870,7 @@ CVE-2015-7476
 CVE-2015-7475
        RESERVED
 CVE-2015-7474 (Cross-site scripting (XSS) vulnerability in Jazz Foundation in 
IBM ...)
-       TODO: check
+       NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
 CVE-2015-7473 (runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local 
users to ...)
        NOT-FOR-US: IBM
 CVE-2015-7472 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 
6.1.5.3 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1b62055e5e011c784a4cefe3c92047d2eacf94bb

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1b62055e5e011c784a4cefe3c92047d2eacf94bb
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to