[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFU

Salvatore Bonaccorso carnil at debian.org
Tue Jan 16 21:33:15 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fed11f34 by Salvatore Bonaccorso at 2018-01-16T22:31:16+01:00
Process NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -9,11 +9,11 @@ CVE-2018-5717
 CVE-2018-5716
 	RESERVED
 CVE-2018-5715 (phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query ...)
-	TODO: check
+	NOT-FOR-US: SugarCRM
 CVE-2018-5714 (In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows ...)
-	TODO: check
+	NOT-FOR-US: Malwarefox Anti-Malware
 CVE-2018-5713 (In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows ...)
-	TODO: check
+	NOT-FOR-US: Malwarefox Anti-Malware
 CVE-2018-5712 (An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, ...)
 	- php7.1 7.1.13-1
 	- php7.0 7.0.27-1
@@ -40,7 +40,7 @@ CVE-2018-5708
 CVE-2018-5707
 	RESERVED
 CVE-2018-5706 (An issue was discovered in Octopus Deploy before 4.1.9. Any user with ...)
-	TODO: check
+	NOT-FOR-US: Octopus Deploy
 CVE-2018-5705
 	RESERVED
 CVE-2018-1000003
@@ -53,7 +53,7 @@ CVE-2018-5703 (The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the L
 	- linux <unfixed>
 	NOTE: https://lkml.org/lkml/2018/1/16/53
 CVE-2017-18032 (The download-manager plugin before 2.9.52 for WordPress has XSS via the ...)
-	TODO: check
+	NOT-FOR-US: download-manager plugin for WordPress
 CVE-2018-5701
 	RESERVED
 CVE-2018-5700 (Winmail Server through 6.2 allows remote code execution by ...)
@@ -781,7 +781,7 @@ CVE-2018-5372 (The Testimonial Slider plugin through 1.2.4 for WordPress has SQL
 CVE-2018-5371 (diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ...)
 	NOT-FOR-US: D-Link
 CVE-2018-5370 (BizLogic xnami 1.0 has XSS via the comment parameter in an addComment ...)
-	TODO: check
+	NOT-FOR-US: BizLogic xnami
 CVE-2018-5369 (The SrbTransLatin plugin 1.46 for WordPress has XSS via an ...)
 	NOT-FOR-US: SrbTransLatin plugin for WordPress
 CVE-2018-5368 (The SrbTransLatin plugin 1.46 for WordPress has CSRF via an ...)
@@ -906,7 +906,7 @@ CVE-2017-1000439
 CVE-2018-5331 (Discuz! DiscuzX X3.4 has XSS via the view parameter to ...)
 	NOT-FOR-US: Discuz!
 CVE-2018-5330 (ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: ZyXEL
 CVE-2018-5329 (ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site ...)
 	NOT-FOR-US: ZUUSE BEIMS ContractorWeb .NET
 CVE-2018-5328 (ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various ...)
@@ -11245,7 +11245,7 @@ CVE-2017-17431 (GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, s
 CVE-2017-17430 (Sangoma NetBorder / Vega Session Controller before 2.3.12-80-GA allows ...)
 	NOT-FOR-US: Sangoma NetBorder / Vega Session Controller
 CVE-2017-17429 (In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the ...)
-	TODO: check
+	NOT-FOR-US: K7 Antivirus
 CVE-2017-17428
 	RESERVED
 	NOT-FOR-US: Cisco ACE
@@ -16153,23 +16153,23 @@ CVE-2017-16559
 CVE-2017-16558
 	RESERVED
 CVE-2017-16557 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: K7 Antivirus
 CVE-2017-16556 (In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be ...)
-	TODO: check
+	NOT-FOR-US: K7 Antivirus
 CVE-2017-16555 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: K7 Antivirus
 CVE-2017-16554 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to ...)
-	TODO: check
+	NOT-FOR-US: K7 Antivirus
 CVE-2017-16553 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: K7 Antivirus
 CVE-2017-16552 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to ...)
-	TODO: check
+	NOT-FOR-US: K7 Antivirus
 CVE-2017-16551 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: K7 Antivirus
 CVE-2017-16550 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to ...)
-	TODO: check
+	NOT-FOR-US: K7 Antivirus
 CVE-2017-16549 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to ...)
-	TODO: check
+	NOT-FOR-US: K7 Antivirus
 CVE-2017-16548 (The receive_xattr function in xattrs.c in rsync 3.1.2 and ...)
 	{DSA-4068-1 DLA-1218-1}
 	- rsync 3.1.2-2.1 (bug #880954)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fed11f3410f763d180c33d349b15ce8e34a776c3

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fed11f3410f763d180c33d349b15ce8e34a776c3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180116/dddb421f/attachment-0001.html>

More information about the Secure-testing-commits mailing list