[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Apr 5 21:16:44 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7e2c3f39 by Salvatore Bonaccorso at 2018-04-05T22:16:22+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,7 +3,7 @@ CVE-2018-9330
 CVE-2018-9329
 	RESERVED
 CVE-2018-9328 (PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via the ter_from ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Redbus Clone Script
 CVE-2018-9327
 	RESERVED
 CVE-2018-9326
@@ -41,7 +41,7 @@ CVE-2018-9311
 CVE-2018-1000155
 	RESERVED
 CVE-2018-1000154 (Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper ...)
-	TODO: check
+	NOT-FOR-US: Zammad GmbH Zammad
 CVE-2018-1000142 (An exposure of sensitive information vulnerability exists in Jenkins ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2018-1000143 (An exposure of sensitive information vulnerability exists in Jenkins ...)
@@ -325,7 +325,7 @@ CVE-2018-9240 (ncmpc through 0.29 is prone to a NULL pointer dereference flaw. I
 	[jessie] - ncmpc <no-dsa> (Minor issue)
 	[wheezy] - ncmpc <no-dsa> (Minor issue)
 CVE-2018-9233 (Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2018-9232
 	RESERVED
 CVE-2018-9231
@@ -6164,7 +6164,7 @@ CVE-2018-7037
 CVE-2018-7036
 	RESERVED
 CVE-2018-7035 (Cross-site scripting (XSS) vulnerability in Gleez CMS 1.2.0 and 2.0 ...)
-	TODO: check
+	NOT-FOR-US: Gleez CMS
 CVE-2018-7034 (TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 ...)
 	NOT-FOR-US: TRENDnet devices
 CVE-2018-7033 (SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL ...)
@@ -12380,7 +12380,7 @@ CVE-2018-4865
 CVE-2018-4864
 	RESERVED
 CVE-2018-4863 (Sophos Endpoint Protection 10.7 allows local users to bypass an ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2018-4862 (In Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an ...)
 	NOT-FOR-US: Octopus Deploy
 CVE-2018-4861



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7e2c3f39da216eb869faebe2e3e0f452b9ce21b9

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7e2c3f39da216eb869faebe2e3e0f452b9ce21b9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180405/ee843bd4/attachment.html>

More information about the debian-security-tracker-commits mailing list