Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6025a50f by Salvatore Bonaccorso at 2018-03-07T11:00:22+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4,9 +4,9 @@ CVE-2018-7740 (The resv_map_release function in mm/hugetlb.c in 
the Linux kernel
 CVE-2018-7739 (antsle antman before 0.9.1a allows remote attackers to bypass 
...)
        TODO: check
 CVE-2018-7737 (In Z-BlogPHP 1.5.1.1740, there is Web Site physical path 
leakage, as ...)
-       TODO: check
+       NOT-FOR-US: Z-BlogPHP
 CVE-2018-7736 (In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the 
ZC_BLOG_SUBNAME ...)
-       TODO: check
+       NOT-FOR-US: Z-BlogPHP
 CVE-2017-18221 (The __munlock_pagevec function in mm/mlock.c in the Linux 
kernel before ...)
        - linux 4.11.6-1
        [stretch] - linux 4.9.47-1
@@ -57,7 +57,7 @@ CVE-2018-7723 (The management panel in Piwigo 2.9.3 has 
stored XSS via the ...)
 CVE-2018-7722 (The management panel in Piwigo 2.9.3 has stored XSS via the 
name ...)
        - piwigo <removed>
 CVE-2018-7721 (Cross Site Scripting (XSS) exists in MetInfo 6.0.0 via ...)
-       TODO: check
+       NOT-FOR-US: MetInfo
 CVE-2018-7720 (A cross-site request forgery (CSRF) vulnerability exists in 
Western ...)
        TODO: check
 CVE-2018-7719
@@ -277,7 +277,7 @@ CVE-2018-1000115 (Memcached version 1.5.5 contains an 
Insufficient Control of Ne
        NOTE: (upstream) is to listen on all IP addresses. [...] so make sure
        NOTE: it's listening on a firewalled interface."
 CVE-2018-7650 (PHP Scripts Mall Hot Scripts Clone:Script Classified Version 
3.1 ...)
-       TODO: check
+       NOT-FOR-US: PHP Scripts Mall Hot Scripts Clone:Script Classified 
Application
 CVE-2018-7649
        RESERVED
 CVE-2018-7648 (An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 
2.3.0. The ...)
@@ -3630,13 +3630,13 @@ CVE-2018-6532 (An issue was discovered in Icinga 2.x 
through 2.8.1. By sending .
 CVE-2018-6531
        RESERVED
 CVE-2018-6530 (OS command injection vulnerability in soap.cgi (soapcgi_main in 
...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-6529 (XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in 
D-Link ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-6528 (XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in 
D-Link ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-6527 (XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php 
in ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-6526 (view_all_bug_page.php in MantisBT before 2018-02-02 allows 
remote ...)
        - mantis <removed>
        [wheezy] - mantis <end-of-life> (Not supported in wheezy LTS)
@@ -5079,7 +5079,7 @@ CVE-2018-6021
 CVE-2018-6020
        RESERVED
 CVE-2018-6019 (Samsung Display Solutions App before 3.02 for Android allows 
...)
-       TODO: check
+       NOT-FOR-US: Samsung Display Solutions App for Android
 CVE-2018-6018 (Fixed sizes of HTTPS responses in Tinder iOS app and Tinder 
Android ...)
        NOT-FOR-US: Tinder
 CVE-2018-6017 (Unencrypted transmission of images in Tinder iOS app and Tinder 
...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6025a50f6f7f5bb0abdca008c2d3b80fce5e43f6

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6025a50f6f7f5bb0abdca008c2d3b80fce5e43f6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to