[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Apr 10 09:25:08 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
86ea50bd by Salvatore Bonaccorso at 2018-04-10T10:24:52+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,5 +1,5 @@
 CVE-2018-9934 (The reset-password feature in MetInfo 6.0 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: MetInfo
 CVE-2018-9933
 	RESERVED
 CVE-2018-9932
@@ -11,19 +11,19 @@ CVE-2018-9930
 CVE-2018-9929
 	RESERVED
 CVE-2018-9928 (Cross-site scripting (XSS) vulnerability in save.php in MetInfo 6.0 ...)
-	TODO: check
+	NOT-FOR-US: MetInfo
 CVE-2018-9927 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF ...)
-	TODO: check
+	NOT-FOR-US: WUZHI CMS
 CVE-2018-9926 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF ...)
-	TODO: check
+	NOT-FOR-US: WUZHI CMS
 CVE-2018-9925 (An issue was discovered in idreamsoft iCMS through 7.0.7. XSS exists ...)
-	TODO: check
+	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-9924 (An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injection ...)
-	TODO: check
+	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-9923 (An issue was discovered in idreamsoft iCMS through 7.0.7. CSRF exists ...)
-	TODO: check
+	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-9922 (An issue was discovered in idreamsoft iCMS through 7.0.7. Physical path ...)
-	TODO: check
+	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-9921
 	RESERVED
 CVE-2018-9920
@@ -195,7 +195,7 @@ CVE-2018-9841 (The export function in libavfilter/vf_signature.c in FFmpeg throu
 	[stretch] - ffmpeg <postponed> (Can wait until the next ffmpeg 3.2.x release)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=35eeff30caf34df835206f1c12bcf4b7c2bd6758
 CVE-2018-9840 (The Open Whisper Signal app before 2.23.2 for iOS allows physically ...)
-	TODO: check
+	NOT-FOR-US: Open Whisper Signal app for iOS
 CVE-2018-9839
 	RESERVED
 CVE-2018-1000166 [Unsafe use of sprintf() can allow a remote unauthenticated attacker to execute arbitrary code]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/86ea50bda4d081a759fa4eb25088c10c411167b3

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/86ea50bda4d081a759fa4eb25088c10c411167b3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180410/a579e3ed/attachment.html>

More information about the debian-security-tracker-commits mailing list