[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Dec 29 08:50:48 GMT 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f3345a43 by Salvatore Bonaccorso at 2018-12-29T08:50:27Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -178,7 +178,7 @@ CVE-2018-20509
 CVE-2018-20508 (CrashFix 1.0.4 has SQL Injection via the User[status] parameter. This ...)
 	TODO: check
 CVE-2018-1000890 (FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection ...)
-	TODO: check
+	NOT-FOR-US: FrontAccounting
 CVE-2018-1000889 (Logisim Evolution version 2.14.3 and earlier contains an XML External ...)
 	TODO: check
 CVE-2018-1000888 (PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 ...)
@@ -630,7 +630,7 @@ CVE-2018-20333
 CVE-2018-20332 (An issue has been discovered in the OpenWebif plugin through 1.2.4 for ...)
 	TODO: check
 CVE-2018-20331 (Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ...)
-	TODO: check
+	NOT-FOR-US: Antiy AVL ATool
 CVE-2018-20330 (The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow ...)
 	TODO: check
 CVE-2018-20329 (Chamilo LMS version 1.11.8 contains a ...)
@@ -1024,11 +1024,11 @@ CVE-2018-20251
 CVE-2018-20250
 	RESERVED
 CVE-2018-20249 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
-	TODO: check
+	NOT-FOR-US: Foxit Quick PDF Library
 CVE-2018-20248 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
-	TODO: check
+	NOT-FOR-US: Foxit Quick PDF Library
 CVE-2018-20247 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
-	TODO: check
+	NOT-FOR-US: Foxit Quick PDF Library
 CVE-2018-20246
 	RESERVED
 CVE-2018-20245
@@ -5745,7 +5745,7 @@ CVE-2018-19865 (A keystroke logging issue was discovered in Virtual Keyboard in
 CVE-2018-19864 (NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows ...)
 	NOT-FOR-US: NUUO NVRmini2 Network Video Recorder firmware
 CVE-2018-19863 (An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on ...)
-	TODO: check
+	NOT-FOR-US: 1Password
 CVE-2018-19862
 	RESERVED
 CVE-2018-19861
@@ -6414,9 +6414,9 @@ CVE-2018-19618
 CVE-2018-19617
 	RESERVED
 CVE-2018-19616 (An issue was discovered in Rockwell Automation Allen-Bradley ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation Allen-Bradley PowerMonitor 1000
 CVE-2018-19615 (An issue was discovered in Rockwell Automation Allen-Bradley ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation Allen-Bradley PowerMonitor 1000
 CVE-2018-19614
 	RESERVED
 CVE-2018-19613
@@ -9741,7 +9741,7 @@ CVE-2018-19358 (GNOME Keyring through 3.28.2 allows local users to retrieve logi
 	NOTE: https://wiki.gnome.org/Projects/GnomeKeyring/SecurityFAQ
 	NOTE: https://gitlab.gnome.org/GNOME/gnome-keyring/issues/5
 CVE-2018-19357 (XMPlay 3.8.3 allows remote attackers to execute arbitrary code or cause ...)
-	TODO: check
+	NOT-FOR-US: XMPlay
 CVE-2018-19356
 	RESERVED
 CVE-2018-19355 (modules/orderfiles/ajax/upload.php in the Customer Files Upload addon ...)
@@ -10280,7 +10280,7 @@ CVE-2018-19250
 CVE-2018-19249
 	RESERVED
 CVE-2018-19248 (The web service on Epson WorkForce WF-2861 10.48 ...)
-	TODO: check
+	NOT-FOR-US: Epson
 CVE-2018-19247
 	RESERVED
 CVE-2018-19246 (PHP-Proxy 5.1.0 allows remote attackers to read local files if the ...)
@@ -10312,7 +10312,7 @@ CVE-2018-19234 (The Miss Marple Updater Service in COMPAREX Miss Marple Enterpri
 CVE-2018-19233 (COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users ...)
 	NOT-FOR-US: Miss Marple Enterprise
 CVE-2018-19232 (The web service on Epson WorkForce WF-2861 10.48 ...)
-	TODO: check
+	NOT-FOR-US: Epson
 CVE-2018-19231
 	RESERVED
 CVE-2018-19230
@@ -10458,7 +10458,7 @@ CVE-2018-19184 (cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attack
 CVE-2018-19183 (ethereumjs-vm 2.4.0 allows attackers to cause a denial of service ...)
 	NOT-FOR-US: ethereumjs-vm
 CVE-2018-19182 (Engelsystem before commit hash 2e28336 allows CSRF. ...)
-	TODO: check
+	NOT-FOR-US: Engelsystem
 CVE-2018-19181 (statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows ...)
 	NOT-FOR-US: YUNUCMS
 CVE-2018-19180 (statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if ...)
@@ -10887,7 +10887,7 @@ CVE-2018-19007 (In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25
 CVE-2018-19006
 	RESERVED
 CVE-2018-19005 (Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation ...)
-	TODO: check
+	NOT-FOR-US: Cscape
 CVE-2018-19004
 	RESERVED
 CVE-2018-19003 (GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to ...)
@@ -10985,9 +10985,9 @@ CVE-2018-18962
 CVE-2018-18961
 	RESERVED
 CVE-2018-18960 (An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, ...)
-	TODO: check
+	NOT-FOR-US: Epson
 CVE-2018-18959 (An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, ...)
-	TODO: check
+	NOT-FOR-US: Epson
 CVE-2018-18958
 	RESERVED
 CVE-2018-18957 (An issue has been found in libIEC61850 v1.3. It is a stack-based buffer ...)
@@ -11593,11 +11593,11 @@ CVE-2018-18700 (An issue was discovered in cp-demangle.c in GNU libiberty, as ..
 CVE-2018-18699 (An issue was discovered in GoPro gpmf-parser 1.2.1. There is an ...)
 	NOT-FOR-US: GoPro gpmf-parser
 CVE-2018-18698 (An issue was discovered on Xiaomi Mi A1 ...)
-	TODO: check
+	NOT-FOR-US: Xiaomi Mi A1 devices
 CVE-2018-18697
 	RESERVED
 CVE-2018-18696 (main.aspx in Microstrategy Analytics 10.4.0026.0049 and earlier has ...)
-	TODO: check
+	NOT-FOR-US: Microstrategy Analytics
 CVE-2018-18695 (M2SOFT Report Designer Viewer 5.0 allows a Buffer Overflow with ...)
 	NOT-FOR-US: M2SOFT Report Designer Viewer
 CVE-2018-18694 (admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote ...)
@@ -11964,9 +11964,9 @@ CVE-2018-XXXX [out of bounds memory read in MED files]
 	NOTE: https://lib.openmpt.org/libopenmpt/2018/10/21/security-updates-0.3.13-0.2.10933-beta36-0.2.7561-beta20.5-p11-0.2.7386-beta20.3-p14/
 	NOTE: https://source.openmpt.org/browse/openmpt/trunk/?op=revision&rev=10903
 CVE-2018-18556 (A privilege escalation issue was discovered in VyOS 1.1.8. The default ...)
-	TODO: check
+	NOT-FOR-US: VyOS
 CVE-2018-18555 (A sandbox escape issue was discovered in VyOS 1.1.8. It provides a ...)
-	TODO: check
+	NOT-FOR-US: VyOS
 CVE-2018-18554
 	RESERVED
 CVE-2018-18553 (Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is ...)
@@ -12011,11 +12011,11 @@ CVE-2018-18541 (In Teeworlds before 0.6.5, connection packets could be forged. T
 CVE-2018-18538
 	RESERVED
 CVE-2018-18537 (The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2018-18536 (The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2018-18535 (The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2018-18534
 	RESERVED
 CVE-2018-18533
@@ -14599,7 +14599,7 @@ CVE-2018-17540 (The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow
 	- strongswan 5.7.1-1
 	NOTE: https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html
 CVE-2018-17539 (The BGP daemon (bgpd) in all IP Infusion ZebOS versions to 7.10.6 and ...)
-	TODO: check
+	NOT-FOR-US: BGP daemon (bgpd) in IP Infusion ZebOS and OcNOS
 CVE-2018-17538 (** DISPUTED ** Axon (formerly TASER International) Evidence Sync ...)
 	NOT-FOR-US: Axon Evidence Sync
 CVE-2018-17537 [Persistent XSS package.json]
@@ -16917,9 +16917,9 @@ CVE-2018-16640 (ImageMagick 7.0.8-5 has a memory leak vulnerability in the funct
 CVE-2018-16639
 	RESERVED
 CVE-2018-16638 (Evolution CMS 1.4.x allows XSS via the manager/ search parameter. ...)
-	TODO: check
+	NOT-FOR-US: Evolution CMS
 CVE-2018-16637 (Evolution CMS 1.4.x allows XSS via the page weblink title parameter to ...)
-	TODO: check
+	NOT-FOR-US: Evolution CMS
 CVE-2018-16636 (Nucleus CMS 3.70 allows HTML Injection via the index.php body ...)
 	NOT-FOR-US: Nucleus CMS
 CVE-2018-16635 (Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page ...)
@@ -16929,7 +16929,7 @@ CVE-2018-16634 (Pluck v4.7.7 allows CSRF via admin.php?action=settings. ...)
 CVE-2018-16633 (Pluck v4.7.7 allows XSS via the admin.php?action=editpage&page= page ...)
 	NOT-FOR-US: Pluck CMS
 CVE-2018-16632 (Mezzanine CMS v4.3.1 allows XSS via the ...)
-	TODO: check
+	NOT-FOR-US: Mezzanine CMS
 CVE-2018-16631 (Subrion CMS v4.2.1 allows XSS via the panel/configuration/general/ ...)
 	NOT-FOR-US: Subrion CMS
 CVE-2018-16630 (Kirby v2.5.12 allows XSS by using the "site files" Add option to ...)
@@ -19952,7 +19952,7 @@ CVE-2018-15467
 CVE-2018-15466
 	RESERVED
 CVE-2018-15465 (A vulnerability in the authorization subsystem of Cisco Adaptive ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15464
 	RESERVED
 CVE-2018-15463
@@ -20227,7 +20227,7 @@ CVE-2018-15335 (When APM 13.0.0-13.1.x is deployed as an OAuth Resource Server,
 CVE-2018-15334 (A cross-site request forgery (CSRF) vulnerability in the APM webtop ...)
 	TODO: check
 CVE-2018-15333 (On versions 11.2.1. and greater, unrestricted Snapshot File Access ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-15332 (The svpn component of the F5 BIG-IP APM client prior to version ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2018-15331 (On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used ...)
@@ -20940,35 +20940,35 @@ CVE-2018-15008
 CVE-2018-15007 (The Sky Elite 6.0L+ Android device with a build fingerprint of ...)
 	TODO: check
 CVE-2018-15006 (The ZTE ZMAX Champ Android device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2018-15005 (The ZTE ZMAX Champ Android device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2018-15004 (The Coolpad Canvas device with a build fingerprint of ...)
 	TODO: check
 CVE-2018-15003
 	RESERVED
 CVE-2018-15002 (The Vivo V7 device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: Vivo V7 device
 CVE-2018-15001 (The Vivo V7 Android device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: Vivo V7 device
 CVE-2018-15000
 	RESERVED
 CVE-2018-14999
 	RESERVED
 CVE-2018-14998 (The Leagoo P1 Android device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: Leagoo P1 Android device
 CVE-2018-14997
 	RESERVED
 CVE-2018-14996
 	RESERVED
 CVE-2018-14995 (The ZTE Blade Vantage Android device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2018-14994
 	RESERVED
 CVE-2018-14993
 	RESERVED
 CVE-2018-14992 (The ASUS ZenFone 3 Max Android device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: ASUS ZenFone 3 Max Android device
 CVE-2018-14991
 	RESERVED
 CVE-2018-14990
@@ -20980,11 +20980,11 @@ CVE-2018-14988 (The MXQ TV Box 4.4.2 Android device with a build fingerprint of
 CVE-2018-14987 (The MXQ TV Box 4.4.2 Android device with a build fingerprint of ...)
 	TODO: check
 CVE-2018-14986 (The Leagoo Z5C Android device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: Leagoo Z5C Android device
 CVE-2018-14985 (The Leagoo Z5C Android device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: Leagoo Z5C Android device
 CVE-2018-14984 (The Leagoo Z5C Android device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: Leagoo Z5C Android device
 CVE-2018-14983
 	RESERVED
 CVE-2018-14982 (Certain LG devices based on Android 6.0 through 8.1 have incorrect ...)
@@ -20994,7 +20994,7 @@ CVE-2018-14981 (Certain LG devices based on Android 6.0 through 8.1 have incorre
 CVE-2018-14980
 	RESERVED
 CVE-2018-14979 (The ASUS ZenFone 3 Max Android device with a build fingerprint of ...)
-	TODO: check
+	NOT-FOR-US: ASUS ZenFone 3 Max Android device
 CVE-2018-14978 (An issue was discovered in QCMS 3.0.1. CSRF exists via the ...)
 	NOT-FOR-US: QCMS
 CVE-2018-14977 (An issue was discovered in QCMS 3.0.1. ...)
@@ -21457,21 +21457,21 @@ CVE-2015-9262 (_XcursorThemeInherits in library.c in libXcursor before 1.1.15 al
 CVE-2018-14777 (An issue was discovered in DataLife Engine (DLE) through 13.0. An ...)
 	NOT-FOR-US: DataLife Engine
 CVE-2018-1000631 (Battelle V2I Hub 3.0 is vulnerable to SQL injection. A remote attacker ...)
-	TODO: check
+	NOT-FOR-US: Battelle V2I Hub
 CVE-2018-1000630 (Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A remote ...)
-	TODO: check
+	NOT-FOR-US: Battelle V2I Hub
 CVE-2018-1000629 (Battelle V2I Hub 2.5.1 is vulnerable to cross-site scripting, caused ...)
-	TODO: check
+	NOT-FOR-US: Battelle V2I Hub
 CVE-2018-1000628 (Battelle V2I Hub 2.5.1 could allow a remote attacker to bypass ...)
-	TODO: check
+	NOT-FOR-US: Battelle V2I Hub
 CVE-2018-1000627 (Battelle V2I Hub 2.5.1 could allow a remote attacker to obtain ...)
-	TODO: check
+	NOT-FOR-US: Battelle V2I Hub
 CVE-2018-1000626 (Battelle V2I Hub 2.5.1 could allow a remote attacker to bypass ...)
-	TODO: check
+	NOT-FOR-US: Battelle V2I Hub
 CVE-2018-1000625 (Battelle V2I Hub 2.5.1 contains hard-coded credentials for the ...)
-	TODO: check
+	NOT-FOR-US: Battelle V2I Hub
 CVE-2018-1000624 (Battelle V2I Hub 2.5.1 is vulnerable to a denial of service, caused by ...)
-	TODO: check
+	NOT-FOR-US: Battelle V2I Hub
 CVE-2018-14776 (Click Studios Passwordstate before 8.3 Build 8397 allows XSS by ...)
 	NOT-FOR-US: Click Studios Passwordstate
 CVE-2018-14775 (tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a ...)
@@ -29525,9 +29525,9 @@ CVE-2018-11743 (The init_copy function in kernel.c in mruby 1.4.1 makes initiali
 	NOTE: https://github.com/mruby/mruby/commit/b64ce17852b180dfeea81cf458660be41a78974d
 	NOTE: https://github.com/mruby/mruby/issues/4027
 CVE-2018-11742 (NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password ...)
-	TODO: check
+	NOT-FOR-US: NEC Univerge Sv9100 WebPro devices
 CVE-2018-11741 (NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session ...)
-	TODO: check
+	NOT-FOR-US: NEC Univerge Sv9100 WebPro devices
 CVE-2018-11740 (An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from ...)
 	- sleuthkit <unfixed> (low; bug #902187)
 	[stretch] - sleuthkit <no-dsa> (Minor issue)
@@ -37079,13 +37079,13 @@ CVE-2018-8922 (Improper access control vulnerability in Synology Drive before ..
 CVE-2018-8921 (Cross-site scripting (XSS) vulnerability in File Sharing Notify Toast ...)
 	NOT-FOR-US: Synology Drive
 CVE-2018-8920 (Improper neutralization of escape vulnerability in Log Exporter in ...)
-	TODO: check
+	NOT-FOR-US: Synology DiskStation Manager
 CVE-2018-8919 (Information exposure vulnerability in SYNO.Core.Desktop.SessionData in ...)
-	TODO: check
+	NOT-FOR-US: Synology DiskStation Manager
 CVE-2018-8918 (Cross-site scripting (XSS) vulnerability in info.cgi in Synology ...)
-	TODO: check
+	NOT-FOR-US: Synology Router Manager
 CVE-2018-8917 (Cross-site scripting (XSS) vulnerability in info.cgi in Synology ...)
-	TODO: check
+	NOT-FOR-US: Synology DiskStation Manager
 CVE-2018-8916 (Unverified password change vulnerability in Change Password in ...)
 	NOT-FOR-US: Synology
 CVE-2018-8915 (Cross-site scripting (XSS) vulnerability in Notification Center in ...)
@@ -39782,17 +39782,17 @@ CVE-2018-7839
 CVE-2018-7838
 	RESERVED
 CVE-2018-7837 (An Improper Restriction of XML External Entity Reference ('XXE') ...)
-	TODO: check
+	NOT-FOR-US: IIoT Monitor (Schneider Electric)
 CVE-2018-7836 (An unrestricted Upload of File with Dangerous Type vulnerability ...)
-	TODO: check
+	NOT-FOR-US: IIoT Monitor (Schneider Electric)
 CVE-2018-7835 (An Improper Limitation of a Pathname to a Restricted Directory ('Path ...)
-	TODO: check
+	NOT-FOR-US: IIoT Monitor (Schneider Electric)
 CVE-2018-7834
 	RESERVED
 CVE-2018-7833 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2018-7832 (An Improper Input Validation vulnerability exists in Pro-Face GP-Pro ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2018-7831 (An Improper Neutralization of Script-Related HTML Tags in a Web Page ...)
 	NOT-FOR-US: Modicon (Schneider Electric)
 CVE-2018-7830 (Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP ...)
@@ -39852,11 +39852,11 @@ CVE-2018-7804 (A URL Redirection to Untrusted Site vulnerability exists in the .
 CVE-2018-7803
 	RESERVED
 CVE-2018-7802 (A SQL Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2018-7801 (A Code Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2018-7800 (A Hard-coded Credentials vulnerability exists in EVLink Parking, ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2018-7799 (A DLL hijacking vulnerability exists in Schneider Electric Software ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2018-7798 (A Insufficient Verification of Data Authenticity (CWE-345) ...)
@@ -39864,13 +39864,13 @@ CVE-2018-7798 (A Insufficient Verification of Data Authenticity (CWE-345) ...)
 CVE-2018-7797 (A URL redirection vulnerability exists in Power Monitoring Expert, ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2018-7796 (A Buffer Error vulnerability exists in PowerSuite 2, all released ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2018-7795 (A Cross Protocol Injection vulnerability exists in Schneider ...)
 	NOT-FOR-US: Schneider
 CVE-2018-7794
 	RESERVED
 CVE-2018-7793 (A Credential Management vulnerability exists in FoxView HMI SCADA (All ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2018-7792 (A Permissions, Privileges, and Access Control vulnerability exists in ...)
 	NOT-FOR-US: Schneider
 CVE-2018-7791 (A Permissions, Privileges, and Access Control vulnerability exists in ...)
@@ -41312,7 +41312,7 @@ CVE-2018-7368
 CVE-2018-7367
 	RESERVED
 CVE-2018-7366 (ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2018-7365 (All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product ...)
 	NOT-FOR-US: ZTE
 CVE-2018-7364 (All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f3345a43d6a5820f67bfc6c23d52bd9f87e77c86

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f3345a43d6a5820f67bfc6c23d52bd9f87e77c86
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181229/d07ee3a9/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list