[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Feb 12 21:46:37 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7b8b88d5 by Salvatore Bonaccorso at 2018-02-12T22:45:53+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2,7 +2,7 @@ CVE-2018-6927 (The futex_requeue function in kernel/futex.c in the Linux kernel 
 	- linux <unfixed>
 	NOTE: Fixed by: https://git.kernel.org/linus/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a
 CVE-2018-6926 (In app/Controller/ServersController.php in MISP 2.4.87, a server ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2018-6925
 	RESERVED
 CVE-2018-6924
@@ -30,15 +30,15 @@ CVE-2018-6914
 CVE-2018-1000063
 	RESERVED
 CVE-2017-18179 (Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring ...)
-	TODO: check
+	NOT-FOR-US: Progress Sitefinity
 CVE-2017-18178 (Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue ...)
-	TODO: check
+	NOT-FOR-US: Progress Sitefinity
 CVE-2017-18177 (Progress Sitefinity 9.1 has XSS via the Last name, First name, and ...)
-	TODO: check
+	NOT-FOR-US: Progress Sitefinity
 CVE-2017-18176 (Progress Sitefinity 9.1 has XSS via file upload, because JavaScript ...)
-	TODO: check
+	NOT-FOR-US: Progress Sitefinity
 CVE-2017-18175 (Progress Sitefinity 9.1 has XSS via the Content Management Template ...)
-	TODO: check
+	NOT-FOR-US: Progress Sitefinity
 CVE-2018-6913
 	RESERVED
 CVE-2018-6912 (The decode_plane function in libavcodec/utvideodec.c in FFmpeg through ...)
@@ -83,7 +83,7 @@ CVE-2018-6895
 CVE-2018-6894
 	RESERVED
 CVE-2018-6893 (controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: a ...)
-	TODO: check
+	NOT-FOR-US: FineCms
 CVE-2018-6892 (An issue was discovered in CloudMe before 1.11.0. An unauthenticated ...)
 	NOT-FOR-US: CloudMe
 CVE-2018-6891 (Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7b8b88d5d0f3eb188f3342a3a9b505623458c869

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7b8b88d5d0f3eb188f3342a3a9b505623458c869
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180212/0bc97d68/attachment.html>

More information about the Secure-testing-commits mailing list