[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Apr 4 21:29:41 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
896b8d4a by Salvatore Bonaccorso at 2018-04-04T22:29:18+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -151,9 +151,9 @@ CVE-2018-9251 (The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzm
 CVE-2018-9250
 	RESERVED
 CVE-2018-9249 (FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ...)
-	TODO: check
+	NOT-FOR-US: FiberHome VDSL2 Modem HG 150-UB devices
 CVE-2018-9248 (FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via ...)
-	TODO: check
+	NOT-FOR-US: FiberHome VDSL2 Modem HG 150-UB devices
 CVE-2018-9247 (The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in ...)
 	NOT-FOR-US: Gxlcms QY
 CVE-2018-9246
@@ -921,7 +921,7 @@ CVE-2017-18242 (The apply_dependent_coupling function in libavcodec/aacdec.c in 
 	[jessie] - libav <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1093
 CVE-2018-8941 (Diagnostics functionality on D-Link DSL-3782 devices with firmware EU ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-8940
 	RESERVED
 CVE-2018-8939
@@ -1210,9 +1210,9 @@ CVE-2018-8816
 CVE-2018-8815 (Cross-site scripting (XSS) vulnerability in the gallery function in ...)
 	NOT-FOR-US: Alkacon OpenCMS
 CVE-2018-8814 (Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 ...)
-	TODO: check
+	NOT-FOR-US: WolfCMS
 CVE-2018-8813 (Open redirect vulnerability in the login[redirect] parameter login ...)
-	TODO: check
+	NOT-FOR-US: WolfCMS
 CVE-2018-8812
 	RESERVED
 CVE-2018-8811 (Cross-site request forgery (CSRF) vulnerability in ...)
@@ -1530,7 +1530,7 @@ CVE-2018-8721 (Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has 
 CVE-2018-8720 (ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name ...)
 	NOT-FOR-US: ServiceNow ITSM
 CVE-2018-8719 (An issue was discovered in the WP Security Audit Log plugin 3.1.1 for ...)
-	TODO: check
+	NOT-FOR-US: WP Security Audit Log plugin for WordPress
 CVE-2018-8718 (Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin ...)
 	- jenkins-mailer-plugin <removed>
 CVE-2017-18232 (The Serial Attached SCSI (SAS) implementation in the Linux kernel ...)
@@ -20439,7 +20439,7 @@ CVE-2018-1471
 CVE-2018-1470
 	RESERVED
 CVE-2018-1469 (IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could allow ...)
-	TODO: check
+	NOT-FOR-US: IBM API Connect Developer Portal
 CVE-2018-1468
 	RESERVED
 CVE-2018-1467
@@ -20483,7 +20483,7 @@ CVE-2018-1449
 CVE-2018-1448 (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 ...)
 	NOT-FOR-US: IBM
 CVE-2018-1447 (The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect ...)
-	TODO: check
+	NOT-FOR-US: IBM Spectrum Protect
 CVE-2018-1446
 	RESERVED
 CVE-2018-1445
@@ -20535,7 +20535,7 @@ CVE-2018-1423
 CVE-2018-1422
 	RESERVED
 CVE-2018-1421 (IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere DataPower Appliances
 CVE-2018-1420
 	RESERVED
 CVE-2018-1419
@@ -23133,7 +23133,7 @@ CVE-2018-0988
 CVE-2018-0987
 	RESERVED
 CVE-2018-0986 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-0985
 	RESERVED
 CVE-2018-0984



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/896b8d4aa59a57c068f3262b1357455f361332d5

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/896b8d4aa59a57c068f3262b1357455f361332d5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180404/854dae2b/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list