[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 6 09:38:43 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0feb36b6 by Salvatore Bonaccorso at 2018-01-06T10:36:44+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,9 +3,9 @@ CVE-2018-5255
CVE-2018-5254
RESERVED
CVE-2018-5253 (The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an ...)
- TODO: check
+ NOT-FOR-US: Bento4
CVE-2018-5252 (libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has ...)
- TODO: check
+ NOT-FOR-US: ImageWorsener
CVE-2018-5251 (In libming 0.4.8, there is an integer signedness error vulnerability ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/97
@@ -812,11 +812,11 @@ CVE-2017-1000499 (phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnera
- phpmyadmin <not-affected> (Only affects phpMyAdmin starting from 4.7.0)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-9/
CVE-2017-1000498 (AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG ...)
- TODO: check
+ NOT-FOR-US: AndroidSVG
CVE-2017-1000497 (Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the ...)
- TODO: check
+ NOT-FOR-US: Pepperminty-Wiki
CVE-2017-1000496 (Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration ...)
- TODO: check
+ NOT-FOR-US: Commsy
CVE-2017-1000495 (QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site ...)
NOT-FOR-US: QuickApps CMS
CVE-2017-1000494 (Uninitialized stack variable vulnerability in NameValueParserEndElt ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0feb36b6c84d2efb729aa111b5b58479a792ea77
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0feb36b6c84d2efb729aa111b5b58479a792ea77
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180106/5cd10242/attachment.html>
More information about the Secure-testing-commits
mailing list