[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

Thu Apr 12 14:18:52 BST 2018

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3d0a2323 by Moritz Muehlenhoff at 2018-04-12T15:18:33+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -27868,21 +27868,21 @@ CVE-2018-0025
 CVE-2018-0024
 	RESERVED
 CVE-2018-0023 (JSNAPy is an open source python version of Junos Snapshot ...)
-	TODO: check
+	NOT-FOR-US: JSNAPy
 CVE-2018-0022 (A Junos device with VPLS routing-instances configured on one or more ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2018-0021 (If all 64 digits of the connectivity association name (CKN) key or all ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2018-0020 (Junos OS may be impacted by the receipt of a malformed BGP UPDATE ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2018-0019 (A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2018-0018 (On SRX Series devices during compilation of IDP policies, an attacker ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2018-0017 (A vulnerability in the Network Address Translation - Protocol ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2018-0016 (Receipt of a specially crafted Connectionless Network Protocol (CLNP) ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2018-0015 (A malicious user with unrestricted access to the AppFormix application ...)
 	NOT-FOR-US: AppFormix
 CVE-2018-0014 (Juniper Networks ScreenOS devices do not pad Ethernet packets with ...)
@@ -32277,7 +32277,7 @@ CVE-2017-15329 (Huawei UMA V200R001C00 has a SQL injection vulnerability in the 
 CVE-2017-15328 (Huawei HG8245H version earlier than V300R018C00SPC110 has an ...)
 	NOT-FOR-US: Huawei
 CVE-2017-15327 (S12700 V200R005C00, V200R006C00, V200R006C01, V200R007C00, ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2017-15326 (DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption ...)
 	NOT-FOR-US: Huawei
 CVE-2017-15325 (The Bdat driver of Prague smart phones with software versions earlier ...)
@@ -35160,7 +35160,7 @@ CVE-2017-14461 (A specially crafted email delivered over SMTP and passed on to D
 CVE-2017-14460 (An exploitable overly permissive cross-domain (CORS) whitelist ...)
 	- parity <itp> (bug #890550)
 CVE-2017-14459 (An exploitable OS Command Injection vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-14458
 	RESERVED
 CVE-2017-14457 (An exploitable information leak/denial of service vulnerability exists ...)
@@ -37508,9 +37508,9 @@ CVE-2017-13680 (Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Pro
 CVE-2017-13679 (A denial of service (DoS) attack in Symantec Encryption Desktop before ...)
 	NOT-FOR-US: Symantec
 CVE-2017-13678 (Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2017-13677 (Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2017-13676 (Norton Remove & Reinstall can be susceptible to a DLL preloading ...)
 	NOT-FOR-US: Symantec
 CVE-2017-13675 (A denial of service (DoS) attack in Symantec Endpoint Encryption ...)
@@ -45493,7 +45493,7 @@ CVE-2017-11013 (In android for MSM, Firefox OS for MSM, QRD Android, with all An
 CVE-2017-11012 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-11011 (In Android before security patch level 2018-04-05 on Qualcomm ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-11010 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-11009
@@ -53568,9 +53568,9 @@ CVE-2017-8277 (In all Qualcomm products with Android releases from CAF using the
 CVE-2017-8276
 	RESERVED
 CVE-2017-8275 (In Android before security patch level 2018-04-05 on Qualcomm ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-8274 (In Android before security patch level 2018-04-05 on Qualcomm ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-8273 (In all Qualcomm products with Android release from CAF using the Linux ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-8272 (In all Qualcomm products with Android releases from CAF using the ...)
@@ -53815,7 +53815,7 @@ CVE-2017-8156 (The outdoor unit of Customer Premise Equipment (CPE) product B233
 CVE-2017-8155 (The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 ...)
 	NOT-FOR-US: Huawei
 CVE-2017-8154 (The Themes App Honor 8 Lite Huawei mobile phones with software of ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2017-8153 (Huawei VMall (for Android) with the versions before 1.5.8.5 have a ...)
 	NOT-FOR-US: Huawei
 CVE-2017-8152 (Huawei Honor 5S smart phones with software the versions before ...)
@@ -57460,7 +57460,7 @@ CVE-2016-10260
 CVE-2016-10259 (Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and ...)
 	NOT-FOR-US: Blue Coat
 CVE-2016-10258 (Unrestricted file upload vulnerability in the Symantec Advanced Secure ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2016-10257 (The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to ...)
 	NOT-FOR-US: Symantec
 CVE-2016-10256 (The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3d0a23237442fec910666e3f1ad33dfe25404896

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3d0a23237442fec910666e3f1ad33dfe25404896
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180412/d2f69d92/attachment.html>
