[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Wed, 07 Feb 2018 13:54:48 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
03c0fb9a by Salvatore Bonaccorso at 2018-02-07T22:40:12+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -13546,7 +13546,7 @@ CVE-2018-1384
 CVE-2018-1383
        RESERVED
 CVE-2018-1382 (IBM API Connect 5.0.0.0 is vulnerable to cross-site scripting. 
This ...)
-       TODO: check
+       NOT-FOR-US: IBM API Connect
 CVE-2018-1381
        RESERVED
 CVE-2018-1380
@@ -13578,7 +13578,7 @@ CVE-2018-1368
 CVE-2018-1367
        RESERVED
 CVE-2018-1366 (IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma 
Separated ...)
-       TODO: check
+       NOT-FOR-US: IBM Content Navigator
 CVE-2018-1365
        RESERVED
 CVE-2018-1364 (IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML 
External ...)
@@ -13909,7 +13909,7 @@ CVE-2017-17554 (A NULL pointer dereference (DoS) 
Vulnerability was found in the 
 CVE-2017-17553 (The Dolphin Browser for Android 12.0.2 suffers from an 
insecure parsing ...)
        NOT-FOR-US: Dolphin Browser for Android
 CVE-2017-17552 (/LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 
6613 ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine AD Manager Plus
 CVE-2018-1360
        RESERVED
 CVE-2018-1359
@@ -14226,7 +14226,7 @@ CVE-2017-17484 (The ucnv_UTF8FromUTF8 function in 
ucnv_u8.cpp in International .
 CVE-2017-17483
        RESERVED
 CVE-2017-17482 (An issue was discovered in OpenVMS through V8.4-2L2 on Alpha 
and ...)
-       TODO: check
+       NOT-FOR-US: OpenVMS
 CVE-2017-17481
        RESERVED
 CVE-2017-17480 (In OpenJPEG 2.3.0, a stack-based buffer overflow was 
discovered in the ...)
@@ -31239,7 +31239,7 @@ CVE-2017-12731 (A SQL Injection issue was discovered in 
OPW Fuel Management Syst
 CVE-2017-12730 (An Unquoted Search Path issue was discovered in mySCADA myPRO 
Versions ...)
        NOT-FOR-US: mySCADA myPRO
 CVE-2017-12729 (A SQL Injection issue was discovered in Moxa SoftCMS Live 
Viewer ...)
-       TODO: check
+       NOT-FOR-US: Moxa SoftCMS Live Viewer
 CVE-2017-12728 (An Improper Privilege Management issue was discovered in 
SpiderControl ...)
        NOT-FOR-US: SpiderControl SCADA Web Server
 CVE-2017-12727
@@ -31965,27 +31965,27 @@ CVE-2017-12475 (The AP4_Processor::Process function 
in Core/Ap4Processor.cpp in 
 CVE-2017-12474 (The AP4_AtomSampleTable::GetSample function in ...)
        NOT-FOR-US: Bento4
 CVE-2017-12473 (ccnl_ccntlv_bytes2pkt in CCN-lite allows context-dependent 
attackers ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12472 (ccnl-ext-mgmt.c in CCN-lite before 2.00 allows 
context-dependent ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12471 (The cnb_parse_lev function in CCN-lite before 2.00 allows ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12470 (Integer overflow in the ndn_parse_sequence function in 
CCN-lite before ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12469 (Buffer overflow in util/ccnl-common.c in CCN-lite before 2.00 
allows ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12468 (Buffer overflow in ccn-lite-ccnb2xml.c in CCN-lite before 2.00 
allows ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12467 (Memory leak in CCN-lite before 2.00 allows context-dependent 
attackers ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12466 (CCN-lite before 2.00 allows context-dependent attackers to 
have ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12465 (Multiple integer overflows in CCN-lite before 2.00 allow ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12464 (ccn-lite-valid.c in CCN-lite before 2.00 allows 
context-dependent ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12463 (Memory leak in the ccnl_app_RX function in ccnl-uapi.c in 
CCN-lite ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12462
        RESERVED
 CVE-2017-12461
@@ -32194,7 +32194,7 @@ CVE-2017-12414 (Format Factory 4.1.0 has a DLL 
Hijacking Vulnerability because a
 CVE-2017-12413 (AXIS 2100 devices 2.43 have XSS via the URI, possibly related 
to ...)
        NOT-FOR-US: AXIS 2100 devices
 CVE-2017-12412 (ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows 
context-dependent ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite
 CVE-2017-12411
        RESERVED
 CVE-2017-12410
@@ -32446,9 +32446,9 @@ CVE-2017-12310
 CVE-2017-12309 (A vulnerability in the Cisco Email Security Appliance (ESA) 
could allow ...)
        NOT-FOR-US: Cisco
 CVE-2017-12308 (A vulnerability in the web framework of Cisco Small Business 
Managed ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2017-12307 (A vulnerability in the web framework of Cisco Small Business 
Managed ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2017-12306 (A vulnerability in the upgrade process of Cisco Spark Board 
could allow ...)
        NOT-FOR-US: Cisco
 CVE-2017-12305 (A vulnerability in the debug interface of Cisco IP Phone 8800 
series ...)
@@ -42560,7 +42560,7 @@ CVE-2017-8918 (XXE in Dive Assistant - Template Builder 
in Blackwave Dive Assist
 CVE-2017-8917 (SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 
allows ...)
        NOT-FOR-US: Joomla
 CVE-2017-8916 (In Center for Internet Security CIS-CAT Pro Dashboard before 
1.0.4, an ...)
-       TODO: check
+       NOT-FOR-US: Center for Internet Security CIS-CAT Pro Dashboard
 CVE-2017-8915 (sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote 
attackers ...)
        NOT-FOR-US: SAP
 CVE-2017-8914 (sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote 
attackers ...)
@@ -47721,11 +47721,11 @@ CVE-2017-7329
 CVE-2017-7328
        RESERVED
 CVE-2017-7327 (Yandex Browser installer for Desktop before 17.4.1 has a DLL 
Hijacking ...)
-       TODO: check
+       NOT-FOR-US: Yandex Browser installer for Desktop
 CVE-2017-7326 (Race condition issue in Yandex Browser for Android before 
17.4.0.16 ...)
-       TODO: check
+       NOT-FOR-US: Yandex Browser for Android
 CVE-2017-7325 (Yandex Browser before 16.9.0 allows remote attackers to spoof 
the ...)
-       TODO: check
+       NOT-FOR-US: Yandex Browser
 CVE-2017-7324 (setup/templates/findcore.php in MODX Revolution 2.5.4-pl and 
earlier ...)
        NOT-FOR-US: MODX Revolution
 CVE-2017-7323 (The (1) update and (2) package-installation features in MODX 
...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/03c0fb9a2fb5f2e7fdda10dd048eb9f4240d1a55

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/03c0fb9a2fb5f2e7fdda10dd048eb9f4240d1a55
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to