[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: NFUs

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c7e2519b by Moritz Muehlenhoff at 2018-04-01T22:24:57+02:00
NFUs

- - - - -
554aa805 by Moritz Muehlenhoff at 2018-04-01T22:26:37+02:00
irssi DSA

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -20,11 +20,11 @@ CVE-2018-9160 (SickRage before v2018.03.09-1 includes cleartext credentials in H
 CVE-2018-9159 (In Spark before 2.7.2, a remote attacker can read unintended static ...)
 	NOT-FOR-US: Spark Java framework (unrelated to src:spark)
 CVE-2018-9158 (An issue was discovered on AXIS M1033-W (IP camera) Firmware version ...)
-	TODO: check
+	NOT-FOR-US: AXIS
 CVE-2018-9157 (** DISPUTED ** An issue was discovered on AXIS M1033-W (IP camera) ...)
-	TODO: check
+	NOT-FOR-US: AXIS
 CVE-2018-9156 (** DISPUTED ** An issue was discovered on AXIS P1354 (IP camera) ...)
-	TODO: check
+	NOT-FOR-US: AXIS
 CVE-2018-9155
 	RESERVED
 CVE-2018-9154
@@ -45,7 +45,7 @@ CVE-2018-9151 (A NULL pointer dereference bug in the function ...)
 CVE-2018-9150
 	RESERVED
 CVE-2018-9149 (The Zyxel Multy X (AC3000 Tri-Band WiFi System) device doesn't use a ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2018-9148 (Western Digital WD My Cloud v04.05.00-320 devices embed the session ...)
 	NOT-FOR-US: Western Digital WD My Cloud
 CVE-2018-9147 (Cross-site scripting (XSS) vulnerabilities in version 7.5.7 of Gespage ...)
@@ -6180,7 +6180,7 @@ CVE-2018-6851
 CVE-2018-6850
 	RESERVED
 CVE-2018-6849 (In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site ...)
-	TODO: check
+	NOT-FOR-US: DuckDuckGo
 CVE-2018-6848
 	RESERVED
 CVE-2018-6847


=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,6 @@
+[01 Apr 2018] DSA-4162-1 irssi - security update
+	{CVE-2018-5205 CVE-2018-5206 CVE-2018-5207 CVE-2018-5208 CVE-2018-7050 CVE-2018-7051 CVE-2018-7052 CVE-2018-7053 CVE-2018-7054}
+	[stretch] - irssi 1.0.7-1~deb9u1
 [01 Apr 2018] DSA-4161-1 python-django - security update
 	{CVE-2018-7536 CVE-2018-7537}
 	[jessie] - python-django 1.7.11-1+deb8u3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/252a0809a6fbbe0aa5cca66cc2491c625366619c...554aa805580ef153d20be1fc83d39bdef5ddabe5

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/252a0809a6fbbe0aa5cca66cc2491c625366619c...554aa805580ef153d20be1fc83d39bdef5ddabe5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180401/a8263846/attachment.html>