[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Fri Dec 21 15:35:19 GMT 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d23a4239 by Moritz Muehlenhoff at 2018-12-21T15:34:54Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -165,13 +165,13 @@ CVE-2018-1000839 (LH-EHR version REL-2_0_0 contains a Arbitrary File Upload ...)
CVE-2018-1000838 (autopsy version <= 4.9.0 contains a XML External Entity (XXE) ...)
- autopsy <not-affected> (The ancient version in Debian predates the Java rewrite)
CVE-2018-1000837 (UML Designer version <= 8.0.0 contains a XML External Entity (XXE) ...)
- TODO: check
+ NOT-FOR-US: UML designer
CVE-2018-1000836 (bw-calendar-engine version <= bw-calendar-engine-3.12.0 contains a XML ...)
- TODO: check
+ NOT-FOR-US: bw-calendar-engine
CVE-2018-1000835 (KeePassDX version <= 2.5.0.0beta17 contains a XML External Entity ...)
- TODO: check
+ NOT-FOR-US: KeePassDX
CVE-2018-1000834 (runelite version <= runelite-parent-1.4.23 contains a XML External ...)
- TODO: check
+ NOT-FOR-US: runelite
CVE-2018-1000833 (ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in ...)
TODO: check
CVE-2018-1000832 (ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in ...)
@@ -179,15 +179,15 @@ CVE-2018-1000832 (ZoneMinder version <= 1.32.2 contains a Other/Unknown vulne
CVE-2018-1000831 (K9Mail version <= v5.600 contains a XML External Entity (XXE) ...)
NOT-FOR-US: K9Mail
CVE-2018-1000830 (XR3Player version <= V3.124 contains a XML External Entity (XXE) ...)
- TODO: check
+ NOT-FOR-US: XR3Player
CVE-2018-1000829 (Anyplace version before commit 80359b4 contains a XML External Entity ...)
- TODO: check
+ NOT-FOR-US: Anyplace navigation service
CVE-2018-1000828 (FrostWire version <= frostwire-desktop-6.7.4-build-272 contains a XML ...)
- TODO: check
+ NOT-FOR-US: FrostWire
CVE-2018-1000827 (Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Ubilling
CVE-2018-1000826 (Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) ...)
- TODO: check
+ NOT-FOR-US: Microweber
CVE-2018-1000825 (FreeCol version <= nightly-2018-08-22 contains a XML External Entity ...)
TODO: check
CVE-2018-1000824 (MegaMek version < v0.45.1 contains a Other/Unknown vulnerability in ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d23a4239654f6ee2492d34031ea52472cb1a694b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d23a4239654f6ee2492d34031ea52472cb1a694b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181221/4a8ba61a/attachment.html>
More information about the debian-security-tracker-commits
mailing list