[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Feb 12 20:49:40 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
064a9d59 by Salvatore Bonaccorso at 2018-02-12T21:49:13+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -246,7 +246,7 @@ CVE-2018-6808
 CVE-2018-6807
 	RESERVED
 CVE-2018-6806 (Marked 2 through 2.5.11 allows remote attackers to read arbitrary files ...)
-	TODO: check
+	NOT-FOR-US: Marked 2
 CVE-2018-6805
 	RESERVED
 CVE-2018-6804
@@ -1160,7 +1160,7 @@ CVE-2018-6508 (Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a 
 CVE-2018-6507
 	RESERVED
 CVE-2018-6506 (Cross-Site Scripting (XSS) exists in the Add Forum feature in the ...)
-	TODO: check
+	NOT-FOR-US: miniBB
 CVE-2018-6505
 	RESERVED
 CVE-2018-6504
@@ -36100,13 +36100,13 @@ CVE-2017-11145 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7,
 CVE-2017-1000362 (The re-key admin monitor was introduced in Jenkins 1.498 and ...)
 	- jenkins <removed>
 CVE-2017-1000081 (Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of ...)
-	TODO: check
+	NOT-FOR-US: ONOS
 CVE-2017-1000080 (Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets. ...)
-	TODO: check
+	NOT-FOR-US: ONOS
 CVE-2017-1000079 (Linux foundation ONOS 1.9.0 is vulnerable to a DoS. ...)
-	TODO: check
+	NOT-FOR-US: ONOS
 CVE-2017-1000078 (Linux foundation ONOS 1.9 is vulnerable to XSS in the device. ...)
-	TODO: check
+	NOT-FOR-US: ONOS
 CVE-2017-1000077
 	REJECTED
 CVE-2017-1000076
@@ -56412,7 +56412,7 @@ CVE-2017-4953
 CVE-2017-4952
 	RESERVED
 CVE-2017-4951 (VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) ...)
-	TODO: check
+	NOT-FOR-US: VMware AirWatch Console
 CVE-2017-4950 (VMware Workstation and Fusion contain an integer overflow ...)
 	NOT-FOR-US: VMware
 CVE-2017-4949 (VMware Workstation and Fusion contain a use-after-free vulnerability ...)
@@ -56420,7 +56420,7 @@ CVE-2017-4949 (VMware Workstation and Fusion contain a use-after-free vulnerabil
 CVE-2017-4948 (VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View ...)
 	NOT-FOR-US: VMware
 CVE-2017-4947 (VMware Realize Automation (7.3 and 7.2) and vSphere Integrated ...)
-	TODO: check
+	NOT-FOR-US: VMware Realize Automation
 CVE-2017-4946 (The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a ...)
 	NOT-FOR-US: VMware
 CVE-2017-4945 (VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/064a9d5937a40f435d7edd98c6bfa02255c257d8

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/064a9d5937a40f435d7edd98c6bfa02255c257d8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180212/f8f6a05b/attachment.html>

More information about the Secure-testing-commits mailing list