[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Jan 24 06:43:45 UTC 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
398d5bc9 by Moritz Muehlenhoff at 2018-01-24T07:43:36+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -301,25 +301,25 @@ CVE-2018-6031
 CVE-2018-6030
 	RESERVED
 CVE-2018-1000016 (Jenkins Ant Plugin 1.7 and earlier failed to escape tool names it ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2018-1000015 (On Jenkins instances with Authorize Project plugin, the authentication ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2018-1000014 (Jenkins Translation Assistance Plugin 1.15 and earlier did not require ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2018-1000013 (Jenkins Release Plugin 2.9 and earlier did not require form ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2018-1000012 (Jenkins Warnings Plugin 4.64 and earlier processes XML external ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2018-1000011 (Jenkins FindBugs Plugin 4.71 and earlier processes XML external ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2018-1000010 (Jenkins DRY Plugin 2.49 and earlier processes XML external entities in ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2018-1000009 (Jenkins Checkstyle Plugin 3.49 and earlier processes XML external ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2018-1000008 (Jenkins PMD Plugin 3.49 and earlier processes XML external entities in ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2015-1142857 (On multiple SR-IOV cars it is possible for VF's assigned to guests to ...)
-	TODO: check
+	NOT-FOR-US: SR-IOV cars
 CVE-2018-6029 (The copy function in application/admin/controller/Article.php in ...)
 	NOT-FOR-US: NoneCms
 CVE-2018-6028
@@ -351,7 +351,7 @@ CVE-2018-6016
 CVE-2018-6015
 	RESERVED
 CVE-2018-6014 (Subsonic v6.1.3 has an insecure allow-access-from domain="*" Flash ...)
-	TODO: check
+	NOT-FOR-US: Subsonic
 CVE-2018-6013 (Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to ...)
 	NOT-FOR-US: BigTree CMS
 CVE-2018-6012
@@ -429,7 +429,7 @@ CVE-2017-18048 (Monstra CMS 3.0.4 allows users to upload arbitrary files, which 
 CVE-2017-1000417 (MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic ...)
 	- matrixssl <removed>
 CVE-2017-1000416 (axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting ...)
-	TODO: check
+	NOT-FOR-US: axTLS
 CVE-2018-6003 (An issue was discovered in the _asn1_decode_simple_ber function in ...)
 	- libtasn1-6 4.13-2
 	[jessie] - libtasn1-6 <not-affected> (Vulnerable code introduced in 4.3)
@@ -523,7 +523,7 @@ CVE-2018-5962 (index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel throu
 CVE-2018-5961 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has ...)
 	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2018-5960 (Zenario v7.1 - v7.6 has SQL injection via the `Name` input field of ...)
-	TODO: check
+	NOT-FOR-US: Zenario
 CVE-2018-5959
 	RESERVED
 CVE-2018-5958 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local ...)
@@ -535,7 +535,7 @@ CVE-2018-5956 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows
 CVE-2018-5955 (An issue was discovered in GitStack through 2.3.10. User controlled ...)
 	TODO: check
 CVE-2017-18047 (Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP ...)
-	TODO: check
+	NOT-FOR-US: LabF nfsAxe
 CVE-2017-18046 (Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121 ...)
 	NOT-FOR-US: Dasan GPON ONT WiFi Router devices
 CVE-2016-10709 (pfSense before 2.3 allows remote authenticated users to execute ...)
@@ -988,7 +988,7 @@ CVE-2018-5763
 CVE-2018-5762
 	RESERVED
 CVE-2018-5761 (A man-in-the-middle vulnerability related to vCenter access was found ...)
-	TODO: check
+	NOT-FOR-US: Rubrik CDM
 CVE-2018-5760
 	RESERVED
 CVE-2018-5759



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/398d5bc99cfc7dfca4eec0e4af797ea725e544a4

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/398d5bc99cfc7dfca4eec0e4af797ea725e544a4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180124/6c3b1747/attachment.html>

More information about the Secure-testing-commits mailing list