[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Feb 26 21:38:30 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
89ada36f by Salvatore Bonaccorso at 2018-02-26T22:38:08+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,7 +3,7 @@ CVE-2018-7492 (A NULL pointer dereference was found in the net/rds/rdma.c ...)
 	[stretch] - linux 4.9.80-1
 	NOTE: Fixed by: https://git.kernel.org/linus/f3069c6d33f6ae63a1668737bc78aaaa51bff7ca
 CVE-2018-7491 (In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2018-7490
 	RESERVED
 CVE-2018-7489 (FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 ...)
@@ -13,7 +13,7 @@ CVE-2018-7488
 CVE-2018-7487 (There is a heap-based buffer overflow in the LoadPCX function of ...)
 	TODO: check
 CVE-2018-7486 (Blue River Mura CMS before v7.0.7029 supports inline function calls ...)
-	TODO: check
+	NOT-FOR-US: Blue River Mura CMS
 CVE-2018-7485 (The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC ...)
 	TODO: check
 CVE-2017-18201 (An issue was discovered in GNU libcdio before 2.0.0. There is a double ...)
@@ -80,7 +80,7 @@ CVE-2018-7465
 CVE-2018-7464
 	RESERVED
 CVE-2018-7463 (SQL injection vulnerability in files.php in the "files" component in ...)
-	TODO: check
+	NOT-FOR-US: ASANHAMAYESH CMS
 CVE-2018-7462
 	RESERVED
 CVE-2018-7461
@@ -122,7 +122,7 @@ CVE-2018-7450
 CVE-2018-7449
 	RESERVED
 CVE-2018-7448 (Remote code execution vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2018-7447 (mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site ...)
 	NOT-FOR-US: mojoPortal
 CVE-2018-7446
@@ -174,7 +174,7 @@ CVE-2018-7424
 CVE-2018-7423
 	RESERVED
 CVE-2017-18195 (An issue was discovered in tools/conversations/view_ajax.php in ...)
-	TODO: check
+	NOT-FOR-US: Concrete5
 CVE-2012-6709 (ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate ...)
 	- elinks <unfixed> (bug #891575)
 	- links2 2.6-1 (bug #694658; bug #510417)
@@ -801,9 +801,9 @@ CVE-2018-7252
 CVE-2018-7251 (An issue was discovered in config/error.php in Anchor 0.12.3. The error ...)
 	NOT-FOR-US: Anchor CMS
 CVE-2018-7250 (An issue was discovered in secdrv.sys as shipped in Microsoft Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-7249 (An issue was discovered in secdrv.sys as shipped in Microsoft Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-18192 (smart/calculator/gallerylock/CalculatorActivity.java in the ...)
 	NOT-FOR-US: "Photo,Video Locker-Calculator" application for Android
 CVE-2015-9256 (Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/89ada36ff5638d6e0f6ca3cda7eccde10eba3056

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/89ada36ff5638d6e0f6ca3cda7eccde10eba3056
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180226/3a64a4d9/attachment.html>

More information about the Secure-testing-commits mailing list