[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Sat Apr 14 06:21:37 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3ad98196 by Salvatore Bonaccorso at 2018-04-14T07:21:17+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,5 +1,5 @@
CVE-2018-10096 (joyplus-cms 1.6.0 has XSS via the device_name parameter in a ...)
- TODO: check
+ NOT-FOR-US: joyplus-cms
CVE-2018-10095
RESERVED
CVE-2018-10094
@@ -58,7 +58,7 @@ CVE-2018-10068 (The jDownloads extension before 3.2.59 for Joomla! has XSS. ...)
CVE-2018-10067
RESERVED
CVE-2018-10066 (An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN ...)
- TODO: check
+ NOT-FOR-US: MikroTik RouterOS
CVE-2018-10065
RESERVED
CVE-2018-10064
@@ -8001,9 +8001,9 @@ CVE-2018-6961
CVE-2018-6960
RESERVED
CVE-2018-6959 (VMware vRealize Automation (vRA) prior to 7.4.0 contains a ...)
- TODO: check
+ NOT-FOR-US: VMware vRealize Automation
CVE-2018-6958 (VMware vRealize Automation (vRA) prior to 7.3.1 contains a ...)
- TODO: check
+ NOT-FOR-US: VMware vRealize Automation
CVE-2018-6957 (VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before ...)
NOT-FOR-US: VMware
CVE-2017-18188 (OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks ...)
@@ -9256,9 +9256,9 @@ CVE-2018-6548 (A use-after-free issue was discovered in libwebm through 2018-02-
NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1493
NOTE: https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md
CVE-2018-6547 (plays_service.exe in the plays.tv service before 1.27.7.0, as ...)
- TODO: check
+ NOT-FOR-US: plays_service.exe in the plays.tv service
CVE-2018-6546 (plays_service.exe in the plays.tv service before 1.27.7.0, as ...)
- TODO: check
+ NOT-FOR-US: plays_service.exe in the plays.tv service
CVE-2018-6545 (Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting ...)
NOT-FOR-US: Ipswitch MoveIt
CVE-2018-6544 (pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could ...)
@@ -12248,17 +12248,17 @@ CVE-2018-5513
CVE-2018-5512
RESERVED
CVE-2018-5511 (On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5510 (On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5509 (On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically ...)
NOT-FOR-US: F5 BIG-IP
CVE-2018-5508 (On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5507 (On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5506 (In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5505 (On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both ...)
NOT-FOR-US: F5 BIG-IP
CVE-2018-5504 (In some circumstances, the Traffic Management Microkernel (TMM) does ...)
@@ -60760,13 +60760,13 @@ CVE-2017-6160 (In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.
CVE-2017-6159 (F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
NOT-FOR-US: F5 BIG-IP
CVE-2017-6158 (In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2017-6157 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
NOT-FOR-US: F5 BIG-IP
CVE-2017-6156 (When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2017-6155 (On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2017-6154 (On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - ...)
NOT-FOR-US: F5 BIG-IP
CVE-2017-6153
@@ -60780,7 +60780,7 @@ CVE-2017-6150 (Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 -
CVE-2017-6149
RESERVED
CVE-2017-6148 (Responses to SOCKS proxy requests made through F5 BIG-IP version ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2017-6147 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, ...)
NOT-FOR-US: F5 BIG-IP
CVE-2017-6146
@@ -60790,7 +60790,7 @@ CVE-2017-6145 (iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DN
CVE-2017-6144 (In F5 BIG-IP PEM 12.1.0 through 12.1.2 when downloading the Type ...)
NOT-FOR-US: F5 BIG-IP
CVE-2017-6143 (X509 certificate verification was not correctly implemented in the IP ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2017-6142 (X509 certificate verification was not correctly implemented in the ...)
NOT-FOR-US: F5 BIG-IP
CVE-2017-6141 (In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3ad98196e88771bfa52dc01a721ff24fe34645c7
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3ad98196e88771bfa52dc01a721ff24fe34645c7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180414/f7825b21/attachment.html>
More information about the debian-security-tracker-commits
mailing list