[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Feb 28 18:20:06 UTC 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f531b506 by Moritz Muehlenhoff at 2018-02-28T19:19:40+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2532,13 +2532,13 @@ CVE-2018-6643
 CVE-2018-6642
 	RESERVED
 CVE-2018-6641 (An Arbitrary Free (Remote Code Execution) issue was discovered in ...)
-	TODO: check
+	NOT-FOR-US: Design Science MathType
 CVE-2018-6640 (A Heap Overflow (Remote Code Execution) issue was discovered in Design ...)
-	TODO: check
+	NOT-FOR-US: Design Science MathType
 CVE-2018-6639 (An out-of-bounds write (Remote Code Execution) issue was discovered in ...)
-	TODO: check
+	NOT-FOR-US: Design Science MathType
 CVE-2018-6638 (A stack-based buffer overflow (Remote Code Execution) issue was ...)
-	TODO: check
+	NOT-FOR-US: Design Science MathType
 CVE-2018-6637
 	RESERVED
 CVE-2018-6636
@@ -42316,7 +42316,7 @@ CVE-2017-9711
 CVE-2017-9710 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-9709 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-9708 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-9707
@@ -43093,9 +43093,9 @@ CVE-2017-9428 (A directory traversal vulnerability exists in ...)
 CVE-2017-9427 (SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote ...)
 	NOT-FOR-US: BigTree CMS
 CVE-2017-9426 (ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection ...)
-	TODO: check
+	NOT-FOR-US: Piwigo extension
 CVE-2017-9425 (The Facetag extension 0.0.3 for Piwigo allows XSS via the name ...)
-	TODO: check
+	NOT-FOR-US: Piwigo extension
 CVE-2017-9424 (IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers ...)
 	NOT-FOR-US: IdeaBlade Breeze Breeze.Server.NET
 CVE-2017-9423
@@ -43122,7 +43122,7 @@ CVE-2017-9416 (Directory traversal vulnerability in tools.file_open in Odoo 8.0,
 CVE-2017-9415 (Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 ...)
 	NOT-FOR-US: Subsonic
 CVE-2017-9414 (Cross-site request forgery (CSRF) vulnerability in the Subscribe to ...)
-	TODO: check
+	NOT-FOR-US: Subsonic
 CVE-2017-9413 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
 	NOT-FOR-US: Subsonic
 CVE-2012-6705 (Cross Site Scripting (XSS) exists in Jamroom before 4.2.7 via the ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f531b506c54f49166ecc110a660ea10cc84a9a6d

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f531b506c54f49166ecc110a660ea10cc84a9a6d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180228/d73db40c/attachment.html>

More information about the Secure-testing-commits mailing list