[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Feb 16 09:51:59 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a36825a2 by Salvatore Bonaccorso at 2018-02-16T10:51:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2380,7 +2380,7 @@ CVE-2017-18076 (In strategy.rb in OmniAuth before 1.3.2, the authenticity_token 
 	- ruby-omniauth 1.3.1-2 (bug #888523)
 	NOTE: https://github.com/omniauth/omniauth/pull/867
 CVE-2018-6324 (F-Secure Radar (on-premises) before 2018-02-15 has an Unvalidated ...)
-	TODO: check
+	NOT-FOR-US: F-Secure Radar
 CVE-2018-6323 (The elf_object_p function in elfcode.h in the Binary File Descriptor ...)
 	- binutils 2.30-3
 	[stretch] - binutils <ignored> (Minor issue)
@@ -2401,7 +2401,7 @@ CVE-2018-6318 (In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the cont
 CVE-2018-6317 (The remote management interface in Claymore Dual Miner 10.5 and ...)
 	NOT-FOR-US: Claymore's Dual Ethereum
 CVE-2018-6316 (Ivanti Endpoint Security (formerly HEAT Endpoint Management and ...)
-	TODO: check
+	NOT-FOR-US: Ivanti Endpoint Security
 CVE-2018-6315 (The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming ...)
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/101
@@ -2689,7 +2689,7 @@ CVE-2018-6196 (w3m through 0.5.3 is prone to an infinite recursion flaw in ...)
 	NOTE: https://github.com/tats/w3m/issues/88
 	NOTE: https://github.com/tats/w3m/commit/8354763b90490d4105695df52674d0fcef823e92
 CVE-2018-6189 (F-Secure Radar (on-premises) before 2018-02-15 has XSS via vectors ...)
-	TODO: check
+	NOT-FOR-US: F-Secure Radar
 CVE-2018-6188 (django.contrib.auth.forms.AuthenticationForm in Django 2.0 before ...)
 	- python-django 1:1.11.10-1
 	[stretch] - python-django <not-affected> (Issue introduced in 1.11.8 and 2.0)
@@ -3826,7 +3826,7 @@ CVE-2018-5769
 CVE-2018-5768
 	RESERVED
 CVE-2018-5767 (An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A ...)
-	TODO: check
+	NOT-FOR-US: Tenda AC15 V15.03.1.16_multi devices
 CVE-2018-5766 (In Libav through 12.2, there is an invalid memcpy in the av_packet_ref ...)
 	- libav <removed>
 	[jessie] - libav <ignored> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a36825a2d979b18a532ee7f0832fae093d95b97a

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a36825a2d979b18a532ee7f0832fae093d95b97a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180216/d8483a96/attachment.html>

More information about the Secure-testing-commits mailing list