[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Jan 25 09:20:59 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1dc06687 by Salvatore Bonaccorso at 2018-01-25T10:20:43+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7,7 +7,7 @@ CVE-2018-6310
 CVE-2018-6309
 	RESERVED
 CVE-2018-6308 (Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and ...)
-	TODO: check
+	NOT-FOR-US: SugarCRM
 CVE-2018-6307
 	RESERVED
 CVE-2018-6306
@@ -189,7 +189,7 @@ CVE-2018-6219
 CVE-2018-6218
 	RESERVED
 CVE-2018-6217 (The WStr::_alloc_iostr_data() function in kso.dll in Kingsoft WPS ...)
-	TODO: check
+	NOT-FOR-US: Kingsoft WPS Office
 CVE-2018-6216
 	RESERVED
 CVE-2018-6215
@@ -205,23 +205,23 @@ CVE-2018-6211
 CVE-2018-6210
 	RESERVED
 CVE-2018-6209 (In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxCryptMon.sys) ...)
-	TODO: check
+	NOT-FOR-US: Max Secure Anti Virus
 CVE-2018-6208 (In Max Secure Anti Virus 19.0.3.019,, the driver file ...)
-	TODO: check
+	NOT-FOR-US: Max Secure Anti Virus
 CVE-2018-6207 (In Max Secure Anti Virus 19.0.3.019,, the driver file ...)
-	TODO: check
+	NOT-FOR-US: Max Secure Anti Virus
 CVE-2018-6206 (In Max Secure Anti Virus 19.0.3.019,, the driver file ...)
-	TODO: check
+	NOT-FOR-US: Max Secure Anti Virus
 CVE-2018-6205 (In Max Secure Anti Virus 19.0.3.019,, the driver file ...)
-	TODO: check
+	NOT-FOR-US: Max Secure Anti Virus
 CVE-2018-6204 (In Max Secure Anti Virus 19.0.3.019,, the driver file (SDActMon.sys) ...)
-	TODO: check
+	NOT-FOR-US: Max Secure Anti Virus
 CVE-2018-6203 (In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) ...)
-	TODO: check
+	NOT-FOR-US: eScan Antivirus
 CVE-2018-6202 (In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) ...)
-	TODO: check
+	NOT-FOR-US: eScan Antivirus
 CVE-2018-6201 (In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) ...)
-	TODO: check
+	NOT-FOR-US: eScan Antivirus
 CVE-2018-6200 (vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the ...)
 	TODO: check
 CVE-2018-6199
@@ -237,7 +237,7 @@ CVE-2018-6192 (In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in ...)
 CVE-2018-6191 (The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an ...)
 	TODO: check
 CVE-2018-6190 (Netis WF2419 V3.2.41381 devices allow XSS via the Description field on ...)
-	TODO: check
+	NOT-FOR-US: Netis WF2419 V3.2.41381 devices
 CVE-2017-1000504 (A race condition during Jenkins 2.94 and earlier; 2.89.1 and earlier ...)
 	TODO: check
 CVE-2017-1000503 (A race condition during Jenkins 2.81 through 2.94 (inclusive); 2.89.1 ...)
@@ -245,7 +245,7 @@ CVE-2017-1000503 (A race condition during Jenkins 2.81 through 2.94 (inclusive);
 CVE-2017-1000502 (Users with permission to create or configure agents in Jenkins 1.37 ...)
 	TODO: check
 CVE-2017-1000474 (Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is ...)
-	TODO: check
+	NOT-FOR-US: Soyket Chowdhury Vehicle Sales Management System
 CVE-2018-6198 (w3m through 0.5.3 does not properly handle temporary files when the ...)
 	- w3m <unfixed> (bug #888097; unimportant)
 	NOTE: https://github.com/tats/w3m/commit/18dcbadf2771cdb0c18509b14e4e73505b242753
@@ -810,7 +810,7 @@ CVE-2018-5968 (FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/1899
 	NOTE: https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05
 CVE-2018-5967 (Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter ...)
-	TODO: check
+	NOT-FOR-US: Netis WF2419 V2.2.36123 devices
 CVE-2018-5966
 	RESERVED
 CVE-2018-5965



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1dc06687257008717df0e141e1656bd9651c9263

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1dc06687257008717df0e141e1656bd9651c9263
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180125/594e1bab/attachment.html>

More information about the Secure-testing-commits mailing list