[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Mon Dec 3 13:10:31 GMT 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b0568e5a by Moritz Muehlenhoff at 2018-12-03T13:09:57Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,9 +31,9 @@ CVE-2018-19794 (Cross-site scripting (XSS) vulnerability in UiV2Public.index in
 CVE-2018-19793 (jiacrontab 1.4.5 allows remote attackers to execute arbitrary commands ...)
 	NOT-FOR-US: Internet2 Grouper
 CVE-2018-19792 (The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local ...)
-	TODO: check
+	NOT-FOR-US: OpenLiteSpeed
 CVE-2018-19791 (The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 does not ...)
-	TODO: check
+	NOT-FOR-US: OpenLiteSpeed
 CVE-2018-19790
 	RESERVED
 CVE-2018-19789
@@ -12933,7 +12933,7 @@ CVE-2018-15836 (In verify_signed_hash() in lib/liboswkeys/signatures.c in Opensw
 	NOTE: https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51
 	NOTE: https://lists.openswan.org/pipermail/users/2018-August/023761.html
 CVE-2018-15835 (Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2018-15834 (In radare2 before 2.9.0, a heap overflow vulnerability exists in the ...)
 	- radare2 2.9.0+dfsg-1
 	[stretch] - radare2 <no-dsa> (Minor issue)
@@ -13209,7 +13209,7 @@ CVE-2018-15717
 CVE-2018-15716 (NUUO NVRMini2 version 3.10.0 and earlier is vulnerable to ...)
 	NOT-FOR-US: NUUO NVRMini2
 CVE-2018-15715 (Zoom clients on Windows (before version 4.1.34814.1119), Mac OS ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2018-15714 (Nagios XI 5.5.6 allows reflected cross site scripting from remote ...)
 	NOT-FOR-US: Nagios XI
 CVE-2018-15713 (Nagios XI 5.5.6 allows persistent cross site scripting from remote ...)
@@ -55474,9 +55474,9 @@ CVE-2018-0767 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, an
 CVE-2018-0766 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-0765 (A denial of service vulnerability exists when .NET and .NET Core ...)
+	NOT-FOR-US: .dotnet CoreFX
 	NOTE: https://github.com/dotnet/announcements/issues/67
 	NOTE: https://github.com/dotnet/corefx/issues/29578
-	TODO: check, can potentially affect mono packages
 CVE-2018-0764 (Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-0763 (Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b0568e5a0f9bc23a0ccc0588093cd04589fa2840

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b0568e5a0f9bc23a0ccc0588093cd04589fa2840
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181203/e6f0d155/attachment.html>

More information about the debian-security-tracker-commits mailing list