[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Dec 1 08:20:43 GMT 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
60dcc40e by Salvatore Bonaccorso at 2018-12-01T08:20:19Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2018-19786
 	RESERVED
 CVE-2018-19785 (PHP-Proxy through 5.1.0 has Cross-Site Scripting (XSS) via the URL ...)
-	TODO: check
+	NOT-FOR-US: PHP-Proxy
 CVE-2018-19784 (The str_rot_pass function in ...)
-	TODO: check
+	NOT-FOR-US: PHP-Proxy
 CVE-2018-19783
 	RESERVED
 CVE-2018-19782
@@ -12119,7 +12119,7 @@ CVE-2018-16099
 CVE-2018-16098
 	RESERVED
 CVE-2018-16097 (LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System ...)
-	TODO: check
+	NOT-FOR-US: LXCI (Lenovo XClarity Integrator)
 CVE-2018-16096 (In System Management Module (SMM) versions prior to 1.06, the SMM web ...)
 	NOT-FOR-US: Lenovo / System Management Module (SMM)
 CVE-2018-16095 (In System Management Module (SMM) versions prior to 1.06, the SMM ...)
@@ -12127,7 +12127,7 @@ CVE-2018-16095 (In System Management Module (SMM) versions prior to 1.06, the SM
 CVE-2018-16094 (In System Management Module (SMM) versions prior to 1.06, an internal ...)
 	NOT-FOR-US: Lenovo / System Management Module (SMM)
 CVE-2018-16093 (In versions prior to 5.5, LXCI for VMware allows an authenticated user ...)
-	TODO: check
+	NOT-FOR-US: LXCI (Lenovo XClarity Integrator)
 CVE-2018-16092 (In System Management Module (SMM) versions prior to 1.06, the FFDC ...)
 	NOT-FOR-US: Lenovo / System Management Module (SMM)
 CVE-2018-16091 (In System Management Module (SMM) versions prior to 1.06, the SMM ...)
@@ -30456,7 +30456,7 @@ CVE-2018-9074 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.3
 CVE-2018-9073 (Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes ...)
 	NOT-FOR-US: Lenovo Chassis Management Module
 CVE-2018-9072 (In versions prior to 5.5, LXCI for VMware allows an authenticated user ...)
-	TODO: check
+	NOT-FOR-US: LXCI (Lenovo XClarity Integrator)
 CVE-2018-9071 (Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows ...)
 	NOT-FOR-US: Lenovo Chassis Management Module
 CVE-2018-9070 (For the Lenovo Smart Assistant Android app versions earlier than ...)
@@ -45190,9 +45190,9 @@ CVE-2018-3952 (An exploitable code execution vulnerability exists in the connect
 CVE-2018-3951 (An exploitable remote code execution vulnerability exists in the HTTP ...)
 	TODO: check
 CVE-2018-3950 (An exploitable remote code execution vulnerability exists in the ping ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2018-3949 (An exploitable information disclosure vulnerability exists in the HTTP ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2018-3948 (An exploitable denial-of-service vulnerability exists in the ...)
 	NOT-FOR-US: TP-Link
 CVE-2018-3947 (An exploitable information disclosure vulnerability exists in the ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/60dcc40edbcaabe123610b0fb1f1fd08e8622540

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/60dcc40edbcaabe123610b0fb1f1fd08e8622540
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181201/94382c52/attachment.html>


More information about the debian-security-tracker-commits mailing list