[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Dec 30 09:42:28 UTC 2017 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a5ab5a17 by Salvatore Bonaccorso at 2017-12-30T10:42:09+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -8,35 +8,35 @@ CVE-2017-17997 (In Wireshark 2.2.11 and before, the MRDISC dissector misuses a N
 CVE-2017-17996
 	RESERVED
 CVE-2017-17995 (Biometric Shift Employee Management System has XSS via the Last_Name ...)
-	TODO: check
+	NOT-FOR-US: Biometric Shift Employee Management System
 CVE-2017-17994 (Biometric Shift Employee Management System has XSS via the criteria ...)
-	TODO: check
+	NOT-FOR-US: Biometric Shift Employee Management System
 CVE-2017-17993 (Biometric Shift Employee Management System has XSS via the amount ...)
-	TODO: check
+	NOT-FOR-US: Biometric Shift Employee Management System
 CVE-2017-17992 (Biometric Shift Employee Management System allows Arbitrary File ...)
-	TODO: check
+	NOT-FOR-US: Biometric Shift Employee Management System
 CVE-2017-17991 (Biometric Shift Employee Management System has XSS via the expense_name ...)
-	TODO: check
+	NOT-FOR-US: Biometric Shift Employee Management System
 CVE-2017-17990 (Biometric Shift Employee Management System has CSRF via index.php in an ...)
-	TODO: check
+	NOT-FOR-US: Biometric Shift Employee Management System
 CVE-2017-17989 (Biometric Shift Employee Management System has XSS via the index.php ...)
-	TODO: check
+	NOT-FOR-US: Biometric Shift Employee Management System
 CVE-2017-17988 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
 CVE-2017-17987 (PHP Scripts Mall Muslim Matrimonial Script allows arbitrary file upload ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
 CVE-2017-17986 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
 CVE-2017-17985 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
 CVE-2017-17984 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
 CVE-2017-17983 (PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
 CVE-2017-17982 (PHP Scripts Mall Muslim Matrimonial Script has CSRF via ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
 CVE-2017-17981 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
 CVE-2017-17980
 	RESERVED
 CVE-2017-17979
@@ -50,7 +50,7 @@ CVE-2017-17976
 CVE-2017-17975 (Use-after-free in the usbtv_probe function in ...)
 	- linux <unfixed>
 CVE-2017-17974 (BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv ...)
-	TODO: check
+	NOT-FOR-US: BA SYSTEMS BAS Web on BAS920 devices
 CVE-2017-17973 (In LibTIFF 4.0.8, there is a heap-based use-after-free in the ...)
 	- tiff <unfixed>
 	[stretch] - tiff <no-dsa> (Minor issue)
@@ -669,7 +669,7 @@ CVE-2017-17903 (FS Lynda Clone has CSRF via user/edit_profile, as demonstrated b
 CVE-2017-17902
 	RESERVED
 CVE-2017-17901 (ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: ZyXEL
 CVE-2017-17900 (SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM ...)
 	- dolibarr <unfixed> (bug #885321)
 	[stretch] - dolibarr <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a5ab5a1772324d4efdb8cf350195e82b430aab64

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a5ab5a1772324d4efdb8cf350195e82b430aab64
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20171230/046b3613/attachment.html>

More information about the Secure-testing-commits mailing list