Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fd0e7e25 by Salvatore Bonaccorso at 2018-02-21T22:02:31+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -9,14 +9,14 @@ CVE-2018-7276 (An issue was discovered on Lutron Quantum
BACnet Integration 2.0
CVE-2018-7275
RESERVED
CVE-2018-7274 (Yab Quarx through 2.4.3 is prone to multiple persistent
cross-site ...)
- TODO: check
+ NOT-FOR-US: Yab Quarx
CVE-2018-7273 (In the Linux kernel through 4.15.4, the floppy driver reveals
the ...)
- linux <unfixed>
NOTE: https://lkml.org/lkml/2018/2/20/669
CVE-2018-7272 (The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs
as part ...)
- TODO: check
+ NOT-FOR-US: ForgeRock AM
CVE-2018-7271 (An issue was discovered in MetInfo 6.0.0. In
install/install.php in the ...)
- TODO: check
+ NOT-FOR-US: MetInfo
CVE-2018-7270
RESERVED
CVE-2018-7269
@@ -28,7 +28,7 @@ CVE-2018-7267
CVE-2018-7266
RESERVED
CVE-2018-7265 (Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file
that ...)
- TODO: check
+ NOT-FOR-US: Shimmie
CVE-2018-7264
RESERVED
CVE-2004-2779 (id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b
...)
@@ -2144,7 +2144,7 @@ CVE-2018-6489
CVE-2018-6488
RESERVED
CVE-2018-6487 (Remote Disclosure of Information in Micro Focus Universal CMDB
...)
- TODO: check
+ NOT-FOR-US: Micro Focus Universal CMDB Foundation Software
CVE-2018-6486 (XML External Entity (XXE) vulnerability in Micro Focus Fortify
Audit ...)
NOT-FOR-US: Micro Focus Fortify Audit Workbench
CVE-2017-18119
@@ -4845,7 +4845,7 @@ CVE-2018-5479 (FoxSash ImgHosting 1.5 (according to
footer information) is vulne
CVE-2018-5478
RESERVED
CVE-2018-5477 (An Information Exposure issue was discovered in ABB netCADOPS
Web ...)
- TODO: check
+ NOT-FOR-US: ABB netCADOPS Web Application
CVE-2018-5476
RESERVED
CVE-2018-5475 (A Stack-based Buffer Overflow issue was discovered in GE D60
Line ...)
@@ -21477,7 +21477,7 @@ CVE-2017-16357 (In radare 2.0.1, a memory corruption
vulnerability exists in ...
NOTE:
https://github.com/radare/radare2/commit/0b973e28166636e0ff1fad80baa0385c9c09c53a
NOTE: https://github.com/radare/radare2/issues/8742
CVE-2017-16356 (Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery
Extended) ...)
- TODO: check
+ NOT-FOR-US: Kubik-Rubik SIGE
CVE-2017-16355 (In agent/Core/SpawningKit/Spawner.h in Phusion Passenger
5.1.10 (fixed ...)
- passenger <unfixed> (bug #884463)
- ruby-passenger <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd0e7e25bce5fbf801227d6f7986aecfa5e5746f
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd0e7e25bce5fbf801227d6f7986aecfa5e5746f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
