Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a8b515bf by Moritz Muehlenhoff at 2018-04-04T23:18:20+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -250,7 +250,7 @@ CVE-2018-9207
 CVE-2018-9206
        RESERVED
 CVE-2018-9205 (Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in 
view.php ...)
-       TODO: check
+       NOT-FOR-US: avatar_uploader
 CVE-2018-9204
        RESERVED
 CVE-2018-9203
@@ -438,7 +438,7 @@ CVE-2018-9128 (DVD X Player Standard 5.5.3.9 has a Buffer 
Overflow via a crafted
 CVE-2018-9127 (Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled 
wildcard ...)
        - botan 2.4.0-5 (bug #894648)
 CVE-2018-9126 (The DNNArticle module 11 for DNN (formerly DotNetNuke) allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: DNN
 CVE-2018-9125
        RESERVED
 CVE-2018-9124
@@ -452,7 +452,7 @@ CVE-2018-9121 (In Crea8social 2018.2, there is Stored 
Cross-Site Scripting via a
 CVE-2018-9120 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via 
a post. ...)
        NOT-FOR-US: Crea8social
 CVE-2018-9119 (An attacker with physical access to a BrilliantTS FUZE card 
(MCU ...)
-       TODO: check
+       NOT-FOR-US: BrilliantTS FUZE card
 CVE-2018-9118
        RESERVED
 CVE-2018-9117 (WireMock before 2.16.0 contains a vulnerability that allows a 
remote ...)
@@ -460,7 +460,7 @@ CVE-2018-9117 (WireMock before 2.16.0 contains a 
vulnerability that allows a rem
 CVE-2018-9116 (An XXE vulnerability within WireMock before 2.16.0 allows a 
remote ...)
        NOT-FOR-US: WireMock
 CVE-2018-9115 (Systematic SitaWare 6.4 SP2 does not validate input from other 
sources ...)
-       TODO: check
+       NOT-FOR-US: Systematic SitaWare
 CVE-2018-9114
        RESERVED
 CVE-2018-9113
@@ -632,9 +632,9 @@ CVE-2018-9037
 CVE-2018-9036
        RESERVED
 CVE-2018-9035 (CSV Injection vulnerability in ExportToCsvUtf8.php of the 
Contact Form ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2018-9034 (Cross-site scripting (XSS) vulnerability in lib/interface.php 
of the ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2018-9033
        RESERVED
 CVE-2018-9032 (An authentication bypass vulnerability on D-Link DIR-850L 
Wireless ...)
@@ -2974,7 +2974,7 @@ CVE-2018-8050 (The af_get_page() function in 
lib/afflib_pages.cpp in AFFLIB (aka
        NOTE: 
https://github.com/sshock/AFFLIBv3/commit/435a2ca802358a3debb6d164d2c33049131df81c
        NOTE: Negligable security impact
 CVE-2018-8049 (The Stealth endpoint in Unisys Stealth SVG 2.8.x, 3.0.x before 
...)
-       TODO: check
+       NOT-FOR-US: Unisys Stealth SVG
 CVE-2018-8048 (In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML 
...)
        - ruby-loofah 2.2.1-1 (bug #893596)
        NOTE: https://github.com/flavorjones/loofah/issues/144
@@ -6465,9 +6465,9 @@ CVE-2018-6876 (The OLEProperty class in ole/oleprop.cpp 
in libfpx 1.3.1-10, as u
 CVE-2018-6875 (Format String vulnerability in KeepKey version 4.0.0 allows 
attackers ...)
        NOT-FOR-US: KeepKey
 CVE-2018-6874 (CSRF exists in the Auth0 authentication service through 14591 
if the ...)
-       TODO: check
+       NOT-FOR-US: Auth0
 CVE-2018-6873 (The Auth0 authentication service before 2017-10-15 allows 
privilege ...)
-       TODO: check
+       NOT-FOR-US: Auth0
 CVE-2018-6872 (The elf_parse_notes function in elf.c in the Binary File 
Descriptor ...)
        - binutils 2.30-4
        [stretch] - binutils <ignored> (Minor issue)
@@ -7137,7 +7137,7 @@ CVE-2017-18149
 CVE-2017-18148
        RESERVED
 CVE-2017-18147 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD 
Android with ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2017-18146
        RESERVED
 CVE-2017-18145
@@ -7667,7 +7667,7 @@ CVE-2017-18098
 CVE-2017-18097
        RESERVED
 CVE-2017-18096 (The OAuth status rest resource in Atlassian Application Links 
before ...)
-       TODO: check
+       NOT-FOR-US: Atlassian Application Links
 CVE-2017-18095 (The SnippetRPCServiceImpl class in Atlassian Crucible before 
version ...)
        NOT-FOR-US: Atlassian Crucible
 CVE-2017-18094 (Various resources in Atlassian Fisheye and Crucible before 
version ...)
@@ -13706,7 +13706,7 @@ CVE-2018-4132 (An issue was discovered in certain Apple 
products. macOS before .
 CVE-2018-4131 (An issue was discovered in certain Apple products. iOS before 
11.3 is ...)
        NOT-FOR-US: Apple
 CVE-2018-4130 (An issue was discovered in certain Apple products. iOS before 
11.3 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2018-4129 (An issue was discovered in certain Apple products. iOS before 
11.3 is ...)
        - webkit2gtk <unfixed> (unimportant)
        NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
@@ -13734,7 +13734,7 @@ CVE-2018-4122 (An issue was discovered in certain Apple 
products. iOS before 11.
        NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
        NOTE: Not covered by security support
 CVE-2018-4121 (An issue was discovered in certain Apple products. iOS before 
11.3 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2018-4120 (An issue was discovered in certain Apple products. iOS before 
11.3 is ...)
        - webkit2gtk <unfixed> (unimportant)
        NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
@@ -14957,7 +14957,7 @@ CVE-2018-3691
 CVE-2018-3690
        RESERVED
 CVE-2018-3689 (AESM daemon in Intel Software Guard Extensions Platform 
Software ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2018-3688
        RESERVED
 CVE-2018-3687
@@ -32044,7 +32044,7 @@ CVE-2017-14882 (In Android for MSM, Firefox OS for MSM, 
QRD Android, with all An
 CVE-2017-14881 (While calling the IPA IOCTL handler for 
IPA_IOC_ADD_HDR_PROC_CTX in ...)
        NOT-FOR-US: Qualcomm component for Android
 CVE-2017-14880 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD 
Android with ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2017-14879 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2017-14878 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
@@ -34910,7 +34910,7 @@ CVE-2017-13906
 CVE-2017-13905
        RESERVED
 CVE-2017-13904 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13903 (An issue was discovered in certain Apple products. iOS before 
11.2.1 ...)
        NOT-FOR-US: Apple
 CVE-2017-13902
@@ -34970,7 +34970,7 @@ CVE-2017-13879 (An issue was discovered in certain 
Apple products. iOS before 11
 CVE-2017-13878 (An issue was discovered in certain Apple products. macOS 
before ...)
        NOT-FOR-US: Apple
 CVE-2017-13877 (An issue was discovered in certain Apple products. iOS before 
11 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13876 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
        NOT-FOR-US: Apple
 CVE-2017-13875 (An issue was discovered in certain Apple products. macOS 
before ...)
@@ -34978,7 +34978,7 @@ CVE-2017-13875 (An issue was discovered in certain 
Apple products. macOS before 
 CVE-2017-13874 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
        NOT-FOR-US: Apple
 CVE-2017-13873 (An issue was discovered in certain Apple products. iOS before 
11 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13872 (An issue was discovered in certain Apple products. macOS High 
Sierra ...)
        NOT-FOR-US: Apple
 CVE-2017-13871 (An issue was discovered in certain Apple products. macOS 
before ...)
@@ -35002,7 +35002,7 @@ CVE-2017-13865 (An issue was discovered in certain 
Apple products. iOS before 11
 CVE-2017-13864 (An issue was discovered in certain Apple products. iCloud 
before 7.2 ...)
        NOT-FOR-US: Apple
 CVE-2017-13863 (An issue was discovered in certain Apple products. iOS before 
11 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13862 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
        NOT-FOR-US: Apple
 CVE-2017-13861 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
@@ -35022,15 +35022,15 @@ CVE-2017-13856 (An issue was discovered in certain 
Apple products. iOS before 11
 CVE-2017-13855 (An issue was discovered in certain Apple products. iOS before 
11.2 is ...)
        NOT-FOR-US: Apple
 CVE-2017-13854 (An issue was discovered in certain Apple products. iOS before 
11 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13853 (An issue was discovered in certain Apple products. macOS 
before ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13852 (An issue was discovered in certain Apple products. iOS before 
11.1 is ...)
        NOT-FOR-US: Apple
 CVE-2017-13851 (An issue was discovered in certain Apple products. macOS 
before 10.13 ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13850 (An issue was discovered in certain Apple products. macOS 
before ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13849 (An issue was discovered in certain Apple products. iOS before 
11.1 is ...)
        NOT-FOR-US: Apple
 CVE-2017-13848 (An issue was discovered in certain Apple products. macOS 
before ...)
@@ -35052,11 +35052,11 @@ CVE-2017-13841 (An issue was discovered in certain 
Apple products. macOS before 
 CVE-2017-13840 (An issue was discovered in certain Apple products. macOS 
before ...)
        NOT-FOR-US: Apple
 CVE-2017-13839 (An issue was discovered in certain Apple products. macOS 
before 10.13 ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13838 (An issue was discovered in certain Apple products. macOS 
before ...)
        NOT-FOR-US: Apple
 CVE-2017-13837 (An issue was discovered in certain Apple products. macOS 
before 10.13 ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13836 (An issue was discovered in certain Apple products. macOS 
before ...)
        NOT-FOR-US: Apple
 CVE-2017-13835
@@ -35076,7 +35076,7 @@ CVE-2017-13829 (An issue was discovered in certain 
Apple products. macOS before 
 CVE-2017-13828 (An issue was discovered in certain Apple products. macOS 
before ...)
        NOT-FOR-US: Apple
 CVE-2017-13827 (An issue was discovered in certain Apple products. macOS 
before 10.13 ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13826
        REJECTED
 CVE-2017-13825 (An issue was discovered in certain Apple products. macOS 
before ...)
@@ -35118,7 +35118,7 @@ CVE-2017-13808 (An issue was discovered in certain 
Apple products. macOS before 
 CVE-2017-13807 (An issue was discovered in certain Apple products. macOS 
before ...)
        NOT-FOR-US: Apple
 CVE-2017-13806 (An issue was discovered in certain Apple products. iOS before 
11 is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2017-13805 (An issue was discovered in certain Apple products. iOS before 
11.1 is ...)
        NOT-FOR-US: Apple
 CVE-2017-13804 (An issue was discovered in certain Apple products. iOS before 
11.1 is ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8b515bf36fc0eb3427f8fa5b0d7742f828a7c44

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8b515bf36fc0eb3427f8fa5b0d7742f828a7c44
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to