[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Aug 29 22:01:43 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1472e4d7 by Salvatore Bonaccorso at 2018-08-29T21:00:54Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -436,7 +436,7 @@ CVE-2018-15914
 CVE-2018-15913
 	RESERVED
 CVE-2018-15912 (An issue was discovered in manjaro-update-system.sh in manjaro-system ...)
-	TODO: check
+	NOT-FOR-US: manjaro-update-system.sh in manjaro-system on Manjaro Linux
 CVE-2018-15919 (Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 ...)
 	- openssh <unfixed> (bug #907503)
 	[stretch] - openssh <no-dsa> (Minor issue)
@@ -460,7 +460,7 @@ CVE-2018-15908 (In Artifex Ghostscript 9.23 before 2018-08-23, attackers are abl
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0d3901189f245232f0161addf215d7268c4d05a3
 	NOTE: https://www.kb.cert.org/vuls/id/332928
 CVE-2018-15907 (Technicolor (formerly RCA) TC8305C devices have a Buffer Overflow. ...)
-	TODO: check
+	NOT-FOR-US: Technicolor (formerly RCA) TC8305C devices
 CVE-2018-15906
 	RESERVED
 CVE-2018-15905
@@ -1358,7 +1358,7 @@ CVE-2018-15564 (An issue was discovered in daveismyname simple-cms through 2014-
 CVE-2018-15563
 	RESERVED
 CVE-2018-15562 (CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or ...)
-	TODO: check
+	NOT-FOR-US: CMS ISWEB
 CVE-2018-15561
 	RESERVED
 CVE-2018-15560 (PyCryptodome before 3.6.6 has an integer overflow in the data_len ...)
@@ -2956,7 +2956,7 @@ CVE-2018-14807
 CVE-2018-14806
 	RESERVED
 CVE-2018-14805 (ABB eSOMS version 6.0.2 may allow unauthorized access to the system ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2018-14804
 	RESERVED
 CVE-2018-14803
@@ -3058,7 +3058,7 @@ CVE-2018-14770
 CVE-2018-14769
 	RESERVED
 CVE-2018-14768 (Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, ...)
-	TODO: check
+	NOT-FOR-US: VIVOTEK devices
 CVE-2018-1999025 (A man in the middle vulnerability exists in Jenkins TraceTronic ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2018-1999026 (A server-side request forgery vulnerability exists in Jenkins ...)
@@ -7810,17 +7810,17 @@ CVE-2018-12813
 CVE-2018-12812 (Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and ...)
 	NOT-FOR-US: Adobe
 CVE-2018-12811 (Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12810 (Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12809 (Adobe Experience Manager versions 6.4 and earlier have a Server-Side ...)
 	NOT-FOR-US: Adobe
 CVE-2018-12808 (Adobe Acrobat and Reader versions 2018.011.20055 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12807 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have an ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12806 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12805 (Adobe Connect versions 9.7.5 and earlier have an Insecure Library ...)
 	NOT-FOR-US: Adobe
 CVE-2018-12804 (Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass ...)
@@ -7834,7 +7834,7 @@ CVE-2018-12801
 CVE-2018-12800
 	RESERVED
 CVE-2018-12799 (Adobe Acrobat and Reader versions 2018.011.20055 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12798 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
 	NOT-FOR-US: Adobe
 CVE-2018-12797 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
@@ -8018,7 +8018,7 @@ CVE-2018-12712 (An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.
 CVE-2018-12711 (An XSS issue was discovered in the language switcher module in Joomla! ...)
 	NOT-FOR-US: Joomla!
 CVE-2018-12710 (An issue was discovered on D-Link DIR-601 2.02NA devices. Being local ...)
-	TODO: check
+	NOT-FOR-US: D-Link DIR-601 2.02NA devices
 CVE-2016-10724 (Bitcoin Core before v0.13.0 allows denial of service (memory ...)
 	- bitcoin 0.13.0-0.1
 CVE-2018-12709
@@ -24749,7 +24749,7 @@ CVE-2018-6599 (An issue was discovered on Orbic Wonder ...)
 CVE-2018-6598 (An issue was discovered on Orbic Wonder ...)
 	TODO: check
 CVE-2018-6597 (The Alcatel A30 device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: Alcatel A30 device
 CVE-2018-6596 (webhooks/base.py in Anymail (aka django-anymail) before 1.2.1 is prone ...)
 	{DSA-4107-1}
 	- django-anymail 1.3-1 (bug #889450)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1472e4d7f1a6615a93b228eb59345133d0f717f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1472e4d7f1a6615a93b228eb59345133d0f717f9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180829/b54e3128/attachment.html>

More information about the debian-security-tracker-commits mailing list