[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Jan 27 09:35:41 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eeb1bbd2 by Salvatore Bonaccorso at 2018-01-27T10:35:02+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -816,7 +816,7 @@ CVE-2018-6017 (Unencrypted transmission of images in Tinder iOS app and Tinder .
 CVE-2018-6016
 	RESERVED
 CVE-2018-6015 (An issue was discovered in the "Email Subscribers & Newsletters" ...)
-	TODO: check
+	NOT-FOR-US: "Email Subscribers & Newsletters" plugin for WordPress
 CVE-2018-6014 (Subsonic v6.1.3 has an insecure allow-access-from domain="*" Flash ...)
 	NOT-FOR-US: Subsonic
 CVE-2018-6013 (Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to ...)
@@ -20858,7 +20858,7 @@ CVE-2017-15548 (An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x
 CVE-2017-15547
 	RESERVED
 CVE-2017-15546 (The Security Console in EMC RSA Authentication Manager 8.2 SP1 P6 and ...)
-	TODO: check
+	NOT-FOR-US: EMC RSA Authentication Manager
 CVE-2017-15545
 	REJECTED
 CVE-2017-15544
@@ -56900,7 +56900,7 @@ CVE-2017-3770 (Privilege escalation vulnerability in LXCA versions earlier than 
 CVE-2017-3769
 	RESERVED
 CVE-2017-3768 (An unprivileged attacker with connectivity to the IMM2 could cause a ...)
-	TODO: check
+	NOT-FOR-US: IBM System x / IMM2
 CVE-2017-3767 (A local privilege escalation vulnerability was identified in the ...)
 	NOT-FOR-US: Lenovo
 CVE-2017-3766
@@ -62859,7 +62859,7 @@ CVE-2017-1655
 CVE-2017-1654
 	RESERVED
 CVE-2017-1653 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management ...)
-	TODO: check
+	NOT-FOR-US: IBM Jazz Foundation
 CVE-2017-1652
 	RESERVED
 CVE-2017-1651
@@ -63031,7 +63031,7 @@ CVE-2017-1569 (IBM WebSphere Commerce 7.0 and 8.0 contains an unspecified ...)
 CVE-2017-1568
 	RESERVED
 CVE-2017-1567 (IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site ...)
-	TODO: check
+	NOT-FOR-US: IBM Doors Web Access
 CVE-2017-1566
 	RESERVED
 CVE-2017-1565
@@ -63039,7 +63039,7 @@ CVE-2017-1565
 CVE-2017-1564
 	RESERVED
 CVE-2017-1563 (IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site ...)
-	TODO: check
+	NOT-FOR-US: IBM Doors Web Access
 CVE-2017-1562
 	RESERVED
 CVE-2017-1561
@@ -63075,7 +63075,7 @@ CVE-2017-1547
 CVE-2017-1546 (IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable ...)
 	NOT-FOR-US: IBM DOORS Next Generation
 CVE-2017-1545 (IBM Doors Web Access 9.5 and 9.6 could allow an attacker with physical ...)
-	TODO: check
+	NOT-FOR-US: IBM Doors Web Access
 CVE-2017-1544
 	RESERVED
 CVE-2017-1543
@@ -63085,7 +63085,7 @@ CVE-2017-1542
 CVE-2017-1541 (A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep ...)
 	NOT-FOR-US: IBM
 CVE-2017-1540 (IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site ...)
-	TODO: check
+	NOT-FOR-US: IBM Doors Web Access
 CVE-2017-1539 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to ...)
 	NOT-FOR-US: IBM
 CVE-2017-1538 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
@@ -63101,7 +63101,7 @@ CVE-2017-1534 (IBM Security Access Manager Appliance 8.0.0 and 9.0.0 could allow
 CVE-2017-1533 (IBM Security Access Manager Appliance 9.0.3 is vulnerable to ...)
 	NOT-FOR-US: IBM Security Access Manager Appliance
 CVE-2017-1532 (IBM DOORS 9.5 and 9.6 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM DOORS
 CVE-2017-1531 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to ...)
 	NOT-FOR-US: IBM
 CVE-2017-1530 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to ...)
@@ -63133,9 +63133,9 @@ CVE-2017-1518
 CVE-2017-1517
 	RESERVED
 CVE-2017-1516 (IBM Doors Web Access 9.5 and 9.6 could allow a remote attacker to ...)
-	TODO: check
+	NOT-FOR-US: IBM Doors Web Access
 CVE-2017-1515 (IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to ...)
-	TODO: check
+	NOT-FOR-US: IBM Doors Web Access
 CVE-2017-1514
 	RESERVED
 CVE-2017-1513
@@ -63153,7 +63153,7 @@ CVE-2017-1508 (IBM Informix Dynamic Server 12.1 could allow a local user logged 
 CVE-2017-1507 (IBM Jazz Foundation Products could disclose sensitive information ...)
 	NOT-FOR-US: IBM Jazz Foundation Products
 CVE-2017-1506 (IBM Cognos TM1 10.2 and 10.2.2 is vulnerable to cross-site scripting. ...)
-	TODO: check
+	NOT-FOR-US: IBM Cognos TM1
 CVE-2017-1505
 	RESERVED
 CVE-2017-1504 (IBM WebSphere Application Server version 9.0.0.4 could provide weaker ...)
@@ -63607,7 +63607,7 @@ CVE-2017-1281
 CVE-2017-1280
 	RESERVED
 CVE-2017-1279 (IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a ...)
-	TODO: check
+	NOT-FOR-US: IBM Tealeaf Customer Experience
 CVE-2017-1278 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
 	NOT-FOR-US: IBM
 CVE-2017-1277
@@ -63757,7 +63757,7 @@ CVE-2017-1206
 CVE-2017-1205 (IBM Platform LSF 10.1 contains an unspecified vulnerability that could ...)
 	NOT-FOR-US: IBM
 CVE-2017-1204 (IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 contains ...)
-	TODO: check
+	NOT-FOR-US: IBM Tealeaf Customer Experience
 CVE-2017-1203 (IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and ...)
 	NOT-FOR-US: IBM
 CVE-2017-1202
@@ -87929,7 +87929,7 @@ CVE-2016-2985 (IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.
 CVE-2016-2984 (IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and ...)
 	NOT-FOR-US: IBM
 CVE-2016-2983 (IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a ...)
-	TODO: check
+	NOT-FOR-US: IBM Tealeaf Customer Experience
 CVE-2016-2982
 	RESERVED
 CVE-2016-2981 (An undisclosed vulnerability in the CLM applications in IBM Jazz Team ...)
@@ -97686,7 +97686,7 @@ CVE-2016-0221 (Cross-site scripting (XSS) vulnerability in IBM Cognos TM1, as us
 CVE-2016-0220
 	RESERVED
 CVE-2016-0219 (XML external entity (XXE) vulnerability in IBM Rational Team Concert ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational Team Concert
 CVE-2016-0218 (IBM Cognos Business Intelligence and IBM Cognos Analytics are ...)
 	NOT-FOR-US: IBM
 CVE-2016-0217 (IBM Cognos Business Intelligence and IBM Cognos Analytics are ...)
@@ -97694,7 +97694,7 @@ CVE-2016-0217 (IBM Cognos Business Intelligence and IBM Cognos Analytics are ...
 CVE-2016-0216 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
 	NOT-FOR-US: IBM
 CVE-2016-0215 (IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2016-0214 (IBM Tivoli Endpoint Manager could allow a remote attacker to upload ...)
 	NOT-FOR-US: IBM
 CVE-2016-0213 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
@@ -97710,7 +97710,7 @@ CVE-2016-0209 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 
 CVE-2016-0208 (IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and ...)
 	NOT-FOR-US: IBM
 CVE-2016-0207 (IBM Algorithmics One-Algo Risk Application (ARA) 4.9.1 through 5.1.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM Algorithmics One-Algo Risk Application
 CVE-2016-0206 (IBM Cloud Orchestrator could allow a local authenticated attacker to ...)
 	NOT-FOR-US: IBM
 CVE-2016-0205



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eeb1bbd2f4683c403fceb8b874938e69ba04c431

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eeb1bbd2f4683c403fceb8b874938e69ba04c431
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180127/1fd25b88/attachment.html>

More information about the Secure-testing-commits mailing list