Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c6f1735f by Salvatore Bonaccorso at 2018-02-14T22:28:43+01:00
Process NFUs

- - - - -
a1026cd8 by Salvatore Bonaccorso at 2018-02-14T22:28:44+01:00
Add CVE-2017-18187/mbedtls

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -19,7 +19,7 @@ CVE-2018-7041
 CVE-2018-7040
        RESERVED
 CVE-2018-7039 (CCN-lite 2.0.0 Beta allows remote attackers to cause a denial 
of ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite 2
 CVE-2018-7038
        RESERVED
 CVE-2018-7037
@@ -29,7 +29,7 @@ CVE-2018-7036
 CVE-2018-7035
        RESERVED
 CVE-2018-7034 (TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR 
v1.03B01 ...)
-       TODO: check
+       NOT-FOR-US: TRENDnet devices
 CVE-2018-7033
        RESERVED
 CVE-2018-7031
@@ -185,7 +185,10 @@ CVE-2018-6957
 CVE-2017-18188 (OpenRC opentmpfiles through 0.1.3, when the 
fs.protected_hardlinks ...)
        NOT-FOR-US: opentmpfiles
 CVE-2017-18187 (In ARM mbed TLS before 2.7.0, there is a bounds-check bypass 
through an ...)
-       TODO: check
+       [experimental] - mbedtls 2.7.0-1
+       - mbedtls <unfixed>
+       - polarssl <removed>
+       NOTE: 
https://github.com/ARMmbed/mbedtls/commit/83c9f495ffe70c7dd280b41fdfd4881485a3bc28
 CVE-2018-7032 (webcheckout in myrepos through 1.20171231 does not sanitize 
URLs that ...)
        - myrepos <unfixed> (bug #840014)
        [stretch] - myrepos <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/35f46c2012015ad62b3cfc15e071e2177d2de7ff...a1026cd8de28cdc2ce37afc70ecea7e8167d77e8

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/35f46c2012015ad62b3cfc15e071e2177d2de7ff...a1026cd8de28cdc2ce37afc70ecea7e8167d77e8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to