[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Jan 10 18:36:37 UTC 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43461bb3 by Moritz Muehlenhoff at 2018-01-10T19:36:21+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3193,6 +3193,7 @@ CVE-2017-18017 (The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c i
 	NOTE: Fixed by: https://git.kernel.org/linus/2638fd0f92d4397884fd991d8f4925cb3f081901
 CVE-2017-18016
 	RESERVED
+	NOT-FOR-US: Paritytech Parity Ethereum
 CVE-2017-1000493 (Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL ...)
 	NOT-FOR-US: Rocket.Chat Server
 CVE-2017-1000492 (Leanote-desktop version v2.5 is vulnerable to a XSS which leads to ...)
@@ -17648,6 +17649,7 @@ CVE-2017-15718
 	RESERVED
 CVE-2017-15717
 	RESERVED
+	NOT-FOR-US: Apache Sling
 CVE-2017-15716
 	RESERVED
 CVE-2017-15715
@@ -27057,7 +27059,7 @@ CVE-2017-12624 (Apache CXF supports sending and receiving attachments via either
 CVE-2017-12623 (An authorized user could upload a template which contained malicious ...)
 	NOT-FOR-US: Apache NiFi
 CVE-2017-12622 (When an Apache Geode cluster before v1.3.0 is operating in secure mode ...)
-	TODO: check
+	NOT-FOR-US: Apache Geode
 CVE-2017-12621 (During Jelly (xml) file parsing with Apache Xerces, if a custom ...)
 	- jenkins-commons-jelly <removed>
 	[jessie] - jenkins-commons-jelly <ignored> (Minor issue, only used by Jenkins which got removed)
@@ -33415,9 +33417,9 @@ CVE-2017-9798 (Apache httpd allows remote attackers to read secret data from pro
 CVE-2017-9797 (When an Apache Geode cluster before v1.2.1 is operating in secure ...)
 	NOT-FOR-US: Apache Geode
 CVE-2017-9796 (When an Apache Geode cluster before v1.3.0 is operating in secure ...)
-	TODO: check
+	NOT-FOR-US: Apache Geode
 CVE-2017-9795 (When an Apache Geode cluster before v1.3.0 is operating in secure ...)
-	TODO: check
+	NOT-FOR-US: Apache Geode
 CVE-2017-9794 (When a cluster is operating in secure mode, a user with read ...)
 	NOT-FOR-US: Apache Geode
 CVE-2017-9793 (The REST Plugin in Apache Struts 2.3.7 through 2.3.33 and 2.5 through ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43461bb3fb98567bdf7c0a831bb550881f71213d

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43461bb3fb98567bdf7c0a831bb550881f71213d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180110/0ec2e761/attachment.html>

More information about the Secure-testing-commits mailing list