Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a209a309 by Moritz Muehlenhoff at 2018-04-11T14:05:57+02:00
NFUs

- - - - -
bdd1de62 by Moritz Muehlenhoff at 2018-04-11T14:06:15+02:00
Merge branch 'master' of 
https://salsa.debian.org/security-tracker-team/security-tracker

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -34562,7 +34562,7 @@ CVE-2017-14613
 CVE-2017-14612
        RESERVED
 CVE-2017-14611 (SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: Cockpit CMS (different from src:cockpit)
 CVE-2017-14610 (bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 
16.2.6 ...)
        - bareos <unfixed> (bug #877334)
        [stretch] - bareos <no-dsa> (Minor issue)
@@ -35415,7 +35415,7 @@ CVE-2017-14324 (In ImageMagick 7.0.7-1 Q16, a memory 
leak vulnerability was foun
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/739
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/399631650b38eaf21c2f3c306b8b74e66be6a0d2
 CVE-2017-14323 (SSRF (Server Side Request Forgery) in getRemoteImage.php in 
Ueditor in ...)
-       TODO: check
+       NOT-FOR-US: Onethink
 CVE-2017-14322 (The function in charge to check whether the user is already 
logged in ...)
        NOT-FOR-US: Interspire Email Marketer
 CVE-2017-14321 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
@@ -76328,7 +76328,7 @@ CVE-2017-0433 (An elevation of privilege vulnerability 
in the Synaptics touchscr
 CVE-2017-0432 (An elevation of privilege vulnerability in the MediaTek driver 
could ...)
        NOT-FOR-US: Mediatek driver for Android
 CVE-2017-0431 (An elevation of privilege vulnerability in Qualcomm closed 
source ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2017-0430 (An elevation of privilege vulnerability in the Broadcom Wi-Fi 
driver ...)
        NOT-FOR-US: Broadcom driver for Android
 CVE-2017-0429 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
@@ -80988,7 +80988,7 @@ CVE-2016-8484 (An elevation of privilege vulnerability 
in Qualcomm closed source
 CVE-2016-8483 (An information disclosure vulnerability in the Qualcomm power 
driver ...)
        NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8482 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver. ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA driver for Android
 CVE-2016-8481 (An elevation of privilege vulnerability in the Qualcomm sound 
driver ...)
        NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8480 (An elevation of privilege vulnerability in the Qualcomm Secure 
...)
@@ -153773,7 +153773,7 @@ CVE-2014-2075 (TIBCO Enterprise Administrator 1.0.0 
and Enterprise Administrator
 CVE-2014-2074
        RESERVED
 CVE-2014-2073 (Stack-based buffer overflow in Dassault Systemes CATIA 
V5-6R2013 ...)
-       TODO: check
+       NOT-FOR-US: Dassault Systemes Catia
 CVE-2014-2072
        RESERVED
        NOT-FOR-US: Dassault Systemes Catia
@@ -154041,7 +154041,7 @@ CVE-2014-1952
 CVE-2014-1951
        RESERVED
 CVE-2014-1946 (OpenDocMan 1.2.7 and earlier does not properly validate allowed 
...)
-       TODO: check
+       NOT-FOR-US: OpenDocMan
 CVE-2014-1945 (SQL injection vulnerability in ajax_udf.php in OpenDocMan 
before ...)
        NOT-FOR-US: OpenDocMan
 CVE-2014-1944 (Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and 
earlier ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/2c32160880a776e48f7b1051d5c59106598d85f2...bdd1de62c2618453a8f9dccf14f810930d5a8893

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/2c32160880a776e48f7b1051d5c59106598d85f2...bdd1de62c2618453a8f9dccf14f810930d5a8893
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to