Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d9f626cf by Moritz Muehlenhoff at 2018-02-28T13:37:49+01:00
NFUs / two ITPs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15807,7 +15807,7 @@ CVE-2018-1379
CVE-2018-1378
RESERVED
CVE-2018-1377 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores
user ...)
- TODO: check
+ NOT-FOR-US: IBM Security Guardium Big Data Intelligence
CVE-2018-1376
RESERVED
CVE-2018-1375
@@ -15817,7 +15817,7 @@ CVE-2018-1374
CVE-2018-1373
RESERVED
CVE-2018-1372 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does
not ...)
- TODO: check
+ NOT-FOR-US: IBM Security Guardium Big Data Intelligence
CVE-2018-1371
RESERVED
CVE-2018-1370
@@ -18344,7 +18344,7 @@ CVE-2018-0910
CVE-2018-0909
RESERVED
CVE-2018-0908 (Microsoft Identity Manager 2016 SP1 allows an attacker to gain
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-0907
RESERVED
CVE-2018-0906
@@ -19324,11 +19324,11 @@ CVE-2018-0522
CVE-2018-0521
RESERVED
CVE-2018-0520 (Cross-site request forgery (CSRF) vulnerability in FS010W
firmware ...)
- TODO: check
+ NOT-FOR-US: FS010W firmware
CVE-2018-0519 (Cross-site scripting vulnerability in FS010W firmware
FS010W_00_V1.3.0 ...)
- TODO: check
+ NOT-FOR-US: FS010W firmware
CVE-2018-0518 (LINE for iOS version 7.1.3 to 7.1.5 does not verify X.509
certificates ...)
- TODO: check
+ NOT-FOR-US: LINE for iOS
CVE-2018-0517 (Untrusted search path vulnerability in Anshin net security for
Windows ...)
NOT-FOR-US: Anshin net security for Windows
CVE-2018-0516 (Untrusted search path vulnerability in FLET'S v4 / v6 address
...)
@@ -21299,9 +21299,9 @@ CVE-2017-16820 (The csnmp_read_table function in snmp.c
in the SNMP plugin in co
[wheezy] - collectd <not-affected> (Vulnerable code not present)
NOTE: https://github.com/collectd/collectd/issues/2291
CVE-2017-16814 (A Directory Traversal issue was discovered in the Foxit
MobilePDF app ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2017-16813 (A denial-of-service issue was discovered in the Foxit
MobilePDF app ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2017-16812
RESERVED
CVE-2017-16811
@@ -24071,11 +24071,11 @@ CVE-2016-10517 (networking.c in Redis before 3.2.7
allows "Cross Protocol S
CVE-2017-15863 (Cross Site Scripting (XSS) exists in the wp-noexternallinks
plugin ...)
NOT-FOR-US: WordPress plugin wp-noexternallinks
CVE-2017-15862 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-15861 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-15860 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-15859
RESERVED
NOT-FOR-US: Qualcomm component for Android
@@ -24850,7 +24850,7 @@ CVE-2017-15520
CVE-2017-15519
RESERVED
CVE-2017-15518 (All versions of OnCommand API Services prior to 2.1 and NetApp
Service ...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2017-15517 (AltaVault OST Plug-in versions prior to 1.2.2 may allow
attackers to ...)
NOT-FOR-US: AltaVault OST Plug-in
CVE-2017-15516 (NetApp SnapCenter Server versions 1.1 through 2.x are
susceptible to a ...)
@@ -28354,13 +28354,13 @@ CVE-2017-14462
CVE-2017-14461
RESERVED
CVE-2017-14460 (An exploitable overly permissive cross-domain (CORS) whitelist
...)
- TODO: check
+ - parity <itp> (bug #890550)
CVE-2017-14459
RESERVED
CVE-2017-14458
RESERVED
CVE-2017-14457 (An exploitable information leak/denial of service
vulnerability exists ...)
- TODO: check
+ - cpp-etherum <itp> (bug #860434)
CVE-2017-14456
RESERVED
CVE-2017-14455
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d9f626cfa456c82ac2d272f4d4f6f7bdd45c2d61
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d9f626cfa456c82ac2d272f4d4f6f7bdd45c2d61
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
