[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sun Feb 18 09:40:52 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5bcb376a by Salvatore Bonaccorso at 2018-02-18T10:40:22+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,9 +1,9 @@
 CVE-2018-7218
 	RESERVED
 CVE-2018-7217 (In Bravo Tejari Procurement Portal, uploaded files are not properly ...)
-	TODO: check
+	NOT-FOR-US: Bravo Tejari Procurement Portal
 CVE-2018-7216 (Cross-site request forgery (CSRF) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Bravo Tejari Procurement Portal
 CVE-2018-7215
 	RESERVED
 CVE-2018-7214
@@ -13,15 +13,15 @@ CVE-2018-7213
 CVE-2018-7212 (An issue was discovered in ...)
 	TODO: check
 CVE-2018-7211 (An issue was discovered in iDashboards 9.6b. The SSO implementation is ...)
-	TODO: check
+	NOT-FOR-US: iDashboards
 CVE-2018-7210 (An issue was discovered in iDashboards 9.6b. It allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: iDashboards
 CVE-2018-7209 (An issue was discovered in iDashboards 9.6b. It allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: iDashboards
 CVE-2018-7208 (In the coff_pointerize_aux function in coffgen.c in the Binary File ...)
 	TODO: check
 CVE-2018-7207 (National Payments Corporation of India (NPCI) Bharat Interface for ...)
-	TODO: check
+	NOT-FOR-US: BHIM
 CVE-2018-7206 (An issue was discovered in Project Jupyter JupyterHub OAuthenticator ...)
 	TODO: check
 CVE-2018-7205
@@ -39,7 +39,7 @@ CVE-2018-7200
 CVE-2018-7199
 	RESERVED
 CVE-2018-7198 (October CMS through 1.0.431 allows XSS by entering HTML on the Add ...)
-	TODO: check
+	NOT-FOR-US: October CMS
 CVE-2018-7197 (An issue was discovered in Pluck through 4.7.4. A stored cross-site ...)
 	TODO: check
 CVE-2018-7196
@@ -3313,11 +3313,11 @@ CVE-2018-6008 (Arbitrary File Download exists in the Jtag Members Directory 5.3.
 CVE-2018-6007 (CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and ...)
 	NOT-FOR-US: Support Ticket component for Joomla!
 CVE-2018-6006 (SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via ...)
-	TODO: check
+	NOT-FOR-US: JS Autoz component for Joomla!
 CVE-2018-6005 (SQL Injection exists in the Realpin through 1.5.04 component for ...)
-	TODO: check
+	NOT-FOR-US: Realpin component for Joomla!
 CVE-2018-6004 (SQL Injection exists in the File Download Tracker 3.0 component for ...)
-	TODO: check
+	NOT-FOR-US: File Download Tracker component for Joomla!
 CVE-2017-18074
 	RESERVED
 CVE-2017-18073
@@ -3411,17 +3411,17 @@ CVE-2018-5996 (Insufficient exception handling in the method ...)
 CVE-2018-5995
 	RESERVED
 CVE-2018-5994 (SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the ...)
-	TODO: check
+	NOT-FOR-US: JS Jobs component for Joomla!
 CVE-2018-5993 (SQL Injection exists in the Aist through 2.0 component for Joomla! via ...)
-	TODO: check
+	NOT-FOR-US: Aist component for Joomla!
 CVE-2018-5992 (SQL Injection exists in the Staff Master through 1.0 RC 1 component for ...)
-	TODO: check
+	NOT-FOR-US: Staff Master component for Joomla!
 CVE-2018-5991 (SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via ...)
-	TODO: check
+	NOT-FOR-US: Form Maker component for Joomla!
 CVE-2018-5990 (SQL Injection exists in the AllVideos Reloaded 1.2.x component for ...)
-	TODO: check
+	NOT-FOR-US: AllVideos Reloaded component for Joomla!
 CVE-2018-5989 (SQL Injection exists in the ccNewsletter 2.x component for Joomla! via ...)
-	TODO: check
+	NOT-FOR-US: ccNewsletter component for Joomla!
 CVE-2018-5988 (SQL Injection exists in Flexible Poll 1.2 via the id parameter to ...)
 	NOT-FOR-US: Flexible Poll
 CVE-2018-5987 (SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5bcb376a07da9243b13106d4445231319c7d7391

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5bcb376a07da9243b13106d4445231319c7d7391
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180218/60037827/attachment.html>

More information about the Secure-testing-commits mailing list