[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed Feb 28 22:10:25 UTC 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d41afc2f by Moritz Muehlenhoff at 2018-02-28T23:10:10+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -26694,7 +26694,7 @@ CVE-2017-1000097 (On Darwin, user's trust preferences for root certificates were
- golang-1.9 <not-affected> (OS X specific issue)
NOTE: https://github.com/golang/go/issues/18141
CVE-2017-15011 (The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and ...)
- TODO: check, can't make much sense of it, probably limited to Win32
+ - qbittorrent <not-affected> (Only affects Windows)
CVE-2017-15010 (A ReDoS (regular expression denial of service) flaw was found in the ...)
- node-tough-cookie <unfixed> (bug #877660)
NOTE: https://github.com/salesforce/tough-cookie/issues/92
@@ -35356,7 +35356,7 @@ CVE-2017-12132 (The DNS stub resolver in the GNU C Library (aka glibc or libc6)
CVE-2017-12131 (The Easy Testimonials plugin 3.0.4 for WordPress has XSS in ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-12130 (An exploitable NULL pointer dereference vulnerability exists in the ...)
- TODO: check
+ NOT-FOR-US: tinysvcmdns
CVE-2017-12129
RESERVED
CVE-2017-12128
@@ -35423,7 +35423,7 @@ CVE-2017-12098 (An exploitable cross site scripting (XSS) vulnerability exists i
- ruby-rails-admin <unfixed>
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0450
CVE-2017-12097 (An exploitable cross site scripting (XSS) vulnerability exists in the ...)
- TODO: check
+ NOT-FOR-US: delayed_job_web rails gem
CVE-2017-12096 (An exploitable vulnerability exists in the WiFi management of Circle ...)
NOT-FOR-US: Circle of Disney
CVE-2017-12095
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d41afc2f9655d43ead1c6442e16fc1deaa863c26
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d41afc2f9655d43ead1c6442e16fc1deaa863c26
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180228/b2bf1252/attachment.html>
More information about the Secure-testing-commits
mailing list