[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Sort entries for CVE-2018-7032
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 16 21:15:37 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ee9cb6d2 by Salvatore Bonaccorso at 2018-02-16T22:11:59+01:00
Sort entries for CVE-2018-7032
- - - - -
d105be22 by Salvatore Bonaccorso at 2018-02-16T22:15:17+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,7 +3,7 @@ CVE-2018-7190
CVE-2018-7189
RESERVED
CVE-2018-7188 (An XSS vulnerability (via an SVG image) in Tiki before 18 allows an ...)
- TODO: check
+ NOT-FOR-US: Tiki
CVE-2018-7187 (The "go get" implementation in Go 1.9.4, when the -insecure ...)
TODO: check
CVE-2018-7185
@@ -516,8 +516,8 @@ CVE-2018-7032 (webcheckout in myrepos through 1.20171231 does not sanitize URLs
[stretch] - myrepos <no-dsa> (Minor issue)
[jessie] - myrepos <no-dsa> (Minor issue)
- mr <removed>
- [wheezy] - mr <no-dsa> (Minor issue)
[jessie] - mr <no-dsa> (Minor issue)
+ [wheezy] - mr <no-dsa> (Minor issue)
CVE-2018-6956
RESERVED
CVE-2018-6955
@@ -550,9 +550,9 @@ CVE-2018-6946
CVE-2018-6945
RESERVED
CVE-2018-6944 (core/lib/upload/um-file-upload.php in the UltimateMember plugin 2.0 for ...)
- TODO: check
+ NOT-FOR-US: UltimateMember plugin for WordPress
CVE-2018-6943 (core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 ...)
- TODO: check
+ NOT-FOR-US: UltimateMember plugin for WordPress
CVE-2018-6942 (An issue was discovered in FreeType 2 through 2.9. A NULL pointer ...)
- freetype <unfixed> (bug #890450)
[stretch] - freetype <not-affected> (Vulnerable code introduced later)
@@ -1944,11 +1944,11 @@ CVE-2017-18093
CVE-2017-18092
RESERVED
CVE-2017-18091 (The admin backupprogress action in Atlassian Fisheye and Crucible ...)
- TODO: check
+ NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2017-18090 (Various resources in Atlassian Fisheye before version 4.5.1 (the fixed ...)
- TODO: check
+ NOT-FOR-US: Atlassian Fisheye
CVE-2017-18089 (The view review history resource in Atlassian Crucible before version ...)
- TODO: check
+ NOT-FOR-US: Atlassian Crucible
CVE-2017-18088 (Various plugin servlet resources in Atlassian Bitbucket Server before ...)
NOT-FOR-US: Atlassian Bitbucket Server
CVE-2017-18087 (The download commit resource in Atlassian Bitbucket Server from ...)
@@ -18061,9 +18061,9 @@ CVE-2018-0518
CVE-2018-0517 (Untrusted search path vulnerability in Anshin net security for Windows ...)
NOT-FOR-US: Anshin net security for Windows
CVE-2018-0516 (Untrusted search path vulnerability in FLET'S v4 / v6 address ...)
- TODO: check
+ NOT-FOR-US: FLET'S v4 / v6 address selection tool
CVE-2018-0515 (Untrusted search path vulnerability in "FLET'S Azukeru Backup Tool" ...)
- TODO: check
+ NOT-FOR-US: FLET'S Azukeru Backup Tool
CVE-2018-0514 (MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows ...)
NOT-FOR-US: MP Form Mail CGI eCommerce Edition
CVE-2018-0513 (Cross-site scripting vulnerability in MTS Simple Booking C, MTS Simple ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/0cf8f63449884d389524c8c870ef76e076878105...d105be2212baac6e351b2bbee188a3f96b8475b5
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/0cf8f63449884d389524c8c870ef76e076878105...d105be2212baac6e351b2bbee188a3f96b8475b5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180216/820a3591/attachment.html>
More information about the Secure-testing-commits
mailing list