[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Aug 7 09:23:44 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b32f35db by Salvatore Bonaccorso at 2018-08-07T08:23:28Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -305,7 +305,7 @@ CVE-2018-14978 (An issue was discovered in QCMS 3.0.1. CSRF exists via the ...)
 CVE-2018-14977 (An issue was discovered in QCMS 3.0.1. ...)
 	NOT-FOR-US: QCMS
 CVE-2018-14976 (An issue was discovered in QCMS 3.0.1. ...)
-	TODO: check
+	NOT-FOR-US: QCMS
 CVE-2018-14975 (An issue was discovered in QCMS 3.0.1. ...)
 	NOT-FOR-US: QCMSQCMS
 CVE-2018-14974 (An issue was discovered in QCMS 3.0.1. ...)
@@ -541,7 +541,7 @@ CVE-2018-14871
 CVE-2018-14870
 	RESERVED
 CVE-2018-14869 (PHP Template Store Script 3.0.6 allows XSS via the Address line 1, ...)
-	TODO: check
+	NOT-FOR-US: PHP Template Store Script
 CVE-2018-14868
 	RESERVED
 CVE-2018-14867
@@ -3086,7 +3086,7 @@ CVE-2018-13879 (A reflected XSS issue was discovered in the registration form in
 CVE-2018-13878 (An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js ...)
 	NOT-FOR-US: Rocket.Chat
 CVE-2018-13877 (The doPayouts() function of the smart contract implementation for ...)
-	TODO: check
+	NOT-FOR-US: MegaCryptoPolis
 CVE-2018-13876 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
 	- hdf5 <undetermined>
 	NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
@@ -44062,7 +44062,7 @@ CVE-2017-16254
 CVE-2017-16253
 	RESERVED
 CVE-2017-16252 (Specially crafted commands sent through the PubNub service in Insteon ...)
-	TODO: check
+	NOT-FOR-US: Insteon Hub
 CVE-2017-16251 (A vulnerability in the conferencing component of Mitel ST 14.2, ...)
 	NOT-FOR-US: Mitel
 CVE-2017-16250 (A vulnerability in Mitel ST 14.2, release GA28 and earlier, could ...)
@@ -49810,7 +49810,7 @@ CVE-2017-14448 (An exploitable code execution vulnerability exists in the XCF im
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0497
 	NOTE: https://hg.libsdl.org/SDL_image/rev/7df1580f1695
 CVE-2017-14447 (An exploitable buffer overflow vulnerability exists in the PubNub ...)
-	TODO: check
+	NOT-FOR-US: Insteon Hub
 CVE-2017-14446 (An exploitable stack-based buffer overflow vulnerability exists in ...)
 	NOT-FOR-US: Insteon Hub
 CVE-2017-14445 (An exploitable buffer overflow vulnerability exists in Insteon Hub ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b32f35dbbce339bd86298cd8190fc08fa66abfeb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b32f35dbbce339bd86298cd8190fc08fa66abfeb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180807/dd664ee0/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list