[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Jan 6 09:38:43 UTC 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0feb36b6 by Salvatore Bonaccorso at 2018-01-06T10:36:44+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,9 +3,9 @@ CVE-2018-5255
 CVE-2018-5254
 	RESERVED
 CVE-2018-5253 (The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2018-5252 (libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has ...)
-	TODO: check
+	NOT-FOR-US: ImageWorsener
 CVE-2018-5251 (In libming 0.4.8, there is an integer signedness error vulnerability ...)
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/97
@@ -812,11 +812,11 @@ CVE-2017-1000499 (phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnera
 	- phpmyadmin <not-affected> (Only affects phpMyAdmin starting from 4.7.0)
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2017-9/
 CVE-2017-1000498 (AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG ...)
-	TODO: check
+	NOT-FOR-US: AndroidSVG
 CVE-2017-1000497 (Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the ...)
-	TODO: check
+	NOT-FOR-US: Pepperminty-Wiki
 CVE-2017-1000496 (Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration ...)
-	TODO: check
+	NOT-FOR-US: Commsy
 CVE-2017-1000495 (QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site ...)
 	NOT-FOR-US: QuickApps CMS
 CVE-2017-1000494 (Uninitialized stack variable vulnerability in NameValueParserEndElt ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0feb36b6c84d2efb729aa111b5b58479a792ea77

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0feb36b6c84d2efb729aa111b5b58479a792ea77
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180106/5cd10242/attachment.html>


More information about the Secure-testing-commits mailing list