Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: c4919e4b by Salvatore Bonaccorso at 2018-02-02T23:11:43+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -7,19 +7,19 @@ CVE-2018-6583 CVE-2018-6582 RESERVED CVE-2018-6581 (SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via a ...) - TODO: check + NOT-FOR-US: JMS Music component for Joomla! CVE-2018-6580 (Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component ...) - TODO: check + NOT-FOR-US: Jimtawl component for Joomla! CVE-2018-6579 (SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for ...) - TODO: check + NOT-FOR-US: JEXTN Reverse Auction component for Joomla! CVE-2018-6578 (SQL Injection exists in the JE PayperVideo 3.0.0 component for Joomla! ...) - TODO: check + NOT-FOR-US: JE PayperVideo component for Joomla! CVE-2018-6577 (SQL Injection exists in the JEXTN Membership 3.1.0 component for ...) - TODO: check + NOT-FOR-US: JEXTN Membership component for Joomla! CVE-2018-6576 (SQL Injection exists in Event Manager 1.0 via the event.php id ...) TODO: check CVE-2018-6575 (SQL Injection exists in the JEXTN Classified 1.0.0 component for ...) - TODO: check + NOT-FOR-US: JEXTN Membership component for Joomla! CVE-2018-6574 RESERVED CVE-2018-6573 @@ -77,7 +77,7 @@ CVE-2018-6551 (The malloc implementation in the GNU C Library (aka glibc or libc NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22774 NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22 CVE-2018-6550 (Monstra CMS through 3.0.4 has XSS in the title function in ...) - TODO: check + NOT-FOR-US: Monstra CMS CVE-2017-18122 (A signature-validation bypass issue was discovered in SimpleSAMLphp ...) - simplesamlphp 1.15.0-1 NOTE: https://simplesamlphp.org/security/201710-01 @@ -120,7 +120,7 @@ CVE-2018-6539 CVE-2018-6538 RESERVED CVE-2018-6537 (A buffer overflow vulnerability in the control protocol of Flexense ...) - TODO: check + NOT-FOR-US: Flexense SyncBreeze Enterprise CVE-2018-6536 (An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates ...) - icinga2 <unfixed> [stretch] - icinga2 <no-dsa> (Minor issue) @@ -245,7 +245,7 @@ CVE-2018-6488 CVE-2018-6487 RESERVED CVE-2018-6486 (XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit ...) - TODO: check + NOT-FOR-US: Micro Focus Fortify Audit Workbench CVE-2017-18119 RESERVED CVE-2017-18118 @@ -313,19 +313,19 @@ CVE-2017-18088 CVE-2017-18087 RESERVED CVE-2017-18086 (Various resources in Atlassian Confluence Server before version 6.4.2 ...) - TODO: check + NOT-FOR-US: Atlassian Confluence CVE-2017-18085 (The viewdefaultdecorator resource in Atlassian Confluence Server ...) - TODO: check + NOT-FOR-US: Atlassian Confluence CVE-2017-18084 (The usermacros resource in Atlassian Confluence Server before version ...) - TODO: check + NOT-FOR-US: Atlassian Confluence CVE-2017-18083 (The editinword resource in Atlassian Confluence Server before version ...) - TODO: check + NOT-FOR-US: Atlassian Confluence CVE-2017-18082 (The plan configure branches resource in Atlassian Bamboo before ...) - TODO: check + NOT-FOR-US: Atlassian Bamboo CVE-2017-18081 (The signupUser resource in Atlassian Bamboo before version 6.3.1 ...) - TODO: check + NOT-FOR-US: Atlassian Bamboo CVE-2017-18080 (The saveConfigureSecurity resource in Atlassian Bamboo before version ...) - TODO: check + NOT-FOR-US: Atlassian Bamboo CVE-2018-6485 (An integer overflow in the implementation of the posix_memalign in ...) [experimental] - glibc 2.26.9000+20180127.7e23a7dd-0experimental0 - glibc <unfixed> (bug #878159) @@ -2212,23 +2212,23 @@ CVE-2018-5752 CVE-2018-5751 RESERVED CVE-2017-18042 (The update user administration resource in Atlassian Bamboo before ...) - TODO: check + NOT-FOR-US: Atlassian Bamboo CVE-2017-18041 (The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo ...) - TODO: check + NOT-FOR-US: Atlassian Bamboo CVE-2017-18040 (The viewDeploymentVersionCommits resource in Atlassian Bamboo before ...) - TODO: check + NOT-FOR-US: Atlassian Bamboo CVE-2017-18039 (The IncomingMailServers resource in Atlassian Jira from version 6.2.1 ...) - TODO: check + NOT-FOR-US: Atlassian Jira CVE-2017-18038 (The repository settings resource in Atlassian Bitbucket Server before ...) - TODO: check + NOT-FOR-US: Atlassian Bitbucket CVE-2017-18037 (The git repository tag rest resource in Atlassian Bitbucket Server ...) - TODO: check + NOT-FOR-US: Atlassian Bitbucket CVE-2017-18036 (The Github repository importer in Atlassian Bitbucket Server before ...) - TODO: check + NOT-FOR-US: Atlassian Bitbucket CVE-2017-18035 (The /rest/review-coverage-chart/1.0/data/<repository_name>/.json ...) - TODO: check + NOT-FOR-US: Atlassian Fisheye and Crucible CVE-2017-18034 (The source browse resource in Atlassian FishEye and Crucible before ...) - TODO: check + NOT-FOR-US: Atlassian Fisheye and Crucible CVE-2017-18033 (The Jira-importers-plugin in Atlassian Jira before version 7.6.1 ...) NOT-FOR-US: Jira-importers-plugin in Atlassian Jira CVE-2018-5750 (The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c4919e4bd85863200ae8b8505848df59be8970ec --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c4919e4bd85863200ae8b8505848df59be8970ec You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits