[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Feb 21 21:28:28 UTC 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0db8dfcf by Salvatore Bonaccorso at 2018-02-21T22:28:00+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,13 +1,13 @@
 CVE-2018-7306
 	RESERVED
 CVE-2018-7305 (MyBB 1.8.14 is not checking for a valid CSRF token, leading to ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2018-7304 (Tiki 17.1 does not validate user input for special characters; ...)
-	TODO: check
+	NOT-FOR-US: Tiki
 CVE-2018-7303 (The Calendar component in Tiki 17.1 allows HTML injection. ...)
-	TODO: check
+	NOT-FOR-US: Tiki
 CVE-2018-7302 (Tiki 17.1 allows upload of a .PNG file that actually has SVG content, ...)
-	TODO: check
+	NOT-FOR-US: Tiki
 CVE-2018-7301
 	RESERVED
 CVE-2018-7300
@@ -33,7 +33,7 @@ CVE-2018-7291
 CVE-2018-7290
 	RESERVED
 CVE-2018-7289 (An issue was discovered in armadito-windows-driver/src/communication.c ...)
-	TODO: check
+	NOT-FOR-US: Armadito
 CVE-2018-7288
 	RESERVED
 CVE-2018-7287
@@ -51,7 +51,7 @@ CVE-2018-7282
 CVE-2018-7281
 	RESERVED
 CVE-2018-7280 (The Ninja Forms plugin before 3.2.14 for WordPress has XSS. ...)
-	TODO: check
+	NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2018-1000093
 	RESERVED
 CVE-2018-1000092
@@ -148,7 +148,7 @@ CVE-2018-7263 (The mad_decoder_run() function in decoder.c in Underbit libmad th
 CVE-2018-7262
 	RESERVED
 CVE-2018-7261 (There are multiple Persistent XSS vulnerabilities in Radiant CMS ...)
-	TODO: check
+	NOT-FOR-US: Radiant CMS
 CVE-2018-7260 (Cross-site scripting (XSS) vulnerability in db_central_columns.php in ...)
 	TODO: check
 CVE-2018-7259 (The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a ...)
@@ -4393,7 +4393,7 @@ CVE-2018-5718
 CVE-2018-5717
 	RESERVED
 CVE-2018-5716 (An issue was discovered in Reprise License Manager 11.0. This ...)
-	TODO: check
+	NOT-FOR-US: Reprise License Manager
 CVE-2018-5715 (phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query ...)
 	NOT-FOR-US: SugarCRM
 CVE-2018-5714 (In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows ...)
@@ -16138,15 +16138,15 @@ CVE-2018-1170
 CVE-2018-1169
 	RESERVED
 CVE-2018-1168 (This vulnerability allows local attackers to escalate privileges on ...)
-	TODO: check
+	NOT-FOR-US: ABB MicroSCADA
 CVE-2018-1167
 	RESERVED
 CVE-2018-1166 (This vulnerability allows local attackers to escalate privileges on ...)
-	TODO: check
+	NOT-FOR-US: Joyent SmartOS
 CVE-2018-1165 (This vulnerability allows local attackers to escalate privileges on ...)
-	TODO: check
+	NOT-FOR-US: Joyent SmartOS
 CVE-2018-1164 (This vulnerability allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: ZyXEL
 CVE-2018-1163 (This vulnerability allows remote attackers to bypass authentication on ...)
 	NOT-FOR-US: Quest NetVault Backup
 CVE-2018-1162 (This vulnerability allows remote attackers to create a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0db8dfcf192e192dabe0537a5804ffbe017b795d

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0db8dfcf192e192dabe0537a5804ffbe017b795d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180221/f815b6c6/attachment-0001.html>


More information about the Secure-testing-commits mailing list