[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b1baac97 by Moritz Muehlenhoff at 2018-04-13T19:17:27+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -486,7 +486,7 @@ CVE-2018-9864 (The WP Live Chat Support plugin before 8.0.06 for WordPress has s
 CVE-2018-9863
 	RESERVED
 CVE-2018-9862 (util.c in runV 1.0.0 for Docker mishandles a numeric username, which ...)
-	TODO: check
+	NOT-FOR-US: runV for Docker
 CVE-2018-9861
 	RESERVED
 CVE-2018-9860 (An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An ...)
@@ -2342,8 +2342,8 @@ CVE-2018-7600 (Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5
 CVE-2018-9057 (aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform ...)
 	NOT-FOR-US: HashiCorp Terraform Amazon Web Services
 CVE-2018-9056 (Systems with microprocessors utilizing speculative execution may allow ...)
+	NOTE: Hardware side channel attack
 	NOTE: http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf
-	TODO: check
 CVE-2018-9055 (JasPer 2.0.14 allows denial of service via a reachable assertion in the ...)
 	- jasper <removed> (unimportant)
 	NOTE: https://github.com/mdadams/jasper/issues/172



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b1baac97113df971face5bedf2cd8c51a0cd15c8

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b1baac97113df971face5bedf2cd8c51a0cd15c8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180413/3d67de9c/attachment.html>