Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f9aafce9 by Salvatore Bonaccorso at 2018-03-03T10:25:14+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -652,7 +652,7 @@ CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c
in ImageMagick 7.0.7-
CVE-2018-7434 (zzcms 8.2 allows remote attackers to discover the full path via
a ...)
NOT-FOR-US: zzcms
CVE-2018-7433 (The iThemes Security plugin before 6.9.1 for WordPress does not
...)
- TODO: check
+ NOT-FOR-US: iThemes Security plugin for WordPress
CVE-2018-7432
RESERVED
CVE-2018-7431
@@ -3445,7 +3445,7 @@ CVE-2018-6492
CVE-2018-6491
RESERVED
CVE-2018-6490 (Denial of Service vulnerability in Micro Focus Operations ...)
- TODO: check
+ NOT-FOR-US: Micro Focus Operations Orchestration Software
CVE-2018-6489 (XML External Entity (XXE) vulnerability in Micro Focus Project
and ...)
NOT-FOR-US: Micro Focus Project and Portfolio Management Center
CVE-2018-6488 (Arbitrary Code Execution vulnerability in Micro Focus Universal
CMDB, ...)
@@ -16166,7 +16166,7 @@ CVE-2018-1375
CVE-2018-1374
RESERVED
CVE-2018-1373 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses
an ...)
- TODO: check
+ NOT-FOR-US: IBM Security Guardium Big Data Intelligence
CVE-2018-1372 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does
not ...)
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
CVE-2018-1371
@@ -17404,9 +17404,9 @@ CVE-2018-1172
CVE-2018-1171
RESERVED
CVE-2018-1170 (This vulnerability allows adjacent attackers to inject
arbitrary ...)
- TODO: check
+ NOT-FOR-US: Volkswagen Customer-Link App and HTC Customer-Link Bridge
CVE-2018-1169 (This vulnerability allows remote attackers to execute arbitrary
code ...)
- TODO: check
+ NOT-FOR-US: Amazon Music Player
CVE-2018-1168 (This vulnerability allows local attackers to escalate
privileges on ...)
NOT-FOR-US: ABB MicroSCADA
CVE-2018-1167
@@ -43390,7 +43390,7 @@ CVE-2017-9461 (smbd in Samba before 4.4.10 and 4.5.x
before 4.5.6 has a denial o
NOTE:
https://git.samba.org/?p=samba.git;a=commitdiff;h=10c3e3923022485c720f322ca4f0aca5d7501310
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=12572
CVE-2017-9447 (In the web interface of Parallels Remote Application Server
(RAS) 15.5 ...)
- TODO: check
+ NOT-FOR-US: Parallels Remote Application Server
CVE-2017-9446
RESERVED
CVE-2017-9445 (In systemd through 233, certain sizes passed to dns_packet_new
in ...)
@@ -44074,7 +44074,7 @@ CVE-2017-9289 (Bram Korsten Note through 1.2.0 is
vulnerable to a reflected XSS
CVE-2017-9288 (The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a
reflected ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-9286 (The packaging of NextCloud in openSUSE used /srv/www/htdocs in
an ...)
- TODO: check
+ NOT-FOR-US: OpenSUSE specific packaging issue of NextCloud
CVE-2017-9285 (NetIQ eDirectory before 9.0 SP4 did not enforce login
restrictions ...)
TODO: check
CVE-2017-9284
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f9aafce95043d585c9b51e09509c12e551af5ddc
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f9aafce95043d585c9b51e09509c12e551af5ddc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
