[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Feb 13 21:46:23 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e91e723b by Salvatore Bonaccorso at 2018-02-13T22:45:58+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2,7 +2,7 @@ CVE-2018-6954 (systemd-tmpfiles in systemd through 237 mishandles symlinks prese
 	- systemd <unfixed>
 	NOTE: https://github.com/systemd/systemd/issues/7986
 CVE-2018-6953 (In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain ...)
-	TODO: check
+	NOT-FOR-US: CCN-lite 2
 CVE-2018-6952 (A double free exists in the another_hunk function in pch.c in GNU patch ...)
 	- patch <unfixed>
 	NOTE: https://savannah.gnu.org/bugs/index.php?53133
@@ -15,7 +15,7 @@ CVE-2018-6950
 CVE-2018-6949
 	RESERVED
 CVE-2018-6948 (In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a ...)
-	TODO: check
+	NOT-FOR-US: CCN-lite 2
 CVE-2018-6947
 	RESERVED
 CVE-2018-6946
@@ -57,7 +57,7 @@ CVE-2018-6930 (A stack-based buffer over-read in the ComputeResizeImage function
 CVE-2018-6929
 	RESERVED
 CVE-2018-6928 (PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall News Website Script
 CVE-2018-1000066
 	RESERVED
 CVE-2018-1000065
@@ -152,7 +152,7 @@ CVE-2018-6912 (The decode_plane function in libavcodec/utvideodec.c in FFmpeg th
 	- libav <undetermined>
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed
 CVE-2018-6911 (The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2018-6910
 	RESERVED
 CVE-2018-6909
@@ -1964,9 +1964,9 @@ CVE-2018-6295
 CVE-2018-6294
 	RESERVED
 CVE-2018-6293 (Arbitrary File Read in Saperion Web Client version 7.5.2 83166. ...)
-	TODO: check
+	NOT-FOR-US: Saperion Web Client
 CVE-2018-6292 (Remote Code Execution in Saperion Web Client version 7.5.2 83166. ...)
-	TODO: check
+	NOT-FOR-US: Saperion Web Client
 CVE-2018-6291 (WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway ...)
 	NOT-FOR-US: Kaspersky Secure Mail Gateway
 CVE-2018-6290 (Local Privilege Escalation in Kaspersky Secure Mail Gateway version ...)
@@ -13958,7 +13958,7 @@ CVE-2018-1385
 CVE-2018-1384
 	RESERVED
 CVE-2018-1383 (A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and ...)
-	TODO: check
+	NOT-FOR-US: AIX
 CVE-2018-1382 (IBM API Connect 5.0.0.0 is vulnerable to cross-site scripting. This ...)
 	NOT-FOR-US: IBM API Connect
 CVE-2018-1381
@@ -15013,7 +15013,7 @@ CVE-2018-1216
 CVE-2018-1215
 	RESERVED
 CVE-2018-1214 (Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2018-1213
 	RESERVED
 CVE-2018-1212



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e91e723b014fa0fbdd9dc3e4f9af8f5a2c3e1900

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e91e723b014fa0fbdd9dc3e4f9af8f5a2c3e1900
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180213/1796c249/attachment.html>

More information about the Secure-testing-commits mailing list