[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2018-8038 as NFU
Salvatore Bonaccorso
carnil at debian.org
Wed Jul 4 15:56:41 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
068e8855 by Salvatore Bonaccorso at 2018-07-04T16:56:03+02:00
Mark CVE-2018-8038 as NFU
- - - - -
a72158c8 by Salvatore Bonaccorso at 2018-07-04T16:56:19+02:00
Cleanup traling whitespaces
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -438,7 +438,7 @@ CVE-2018-12934 (remember_Ktype in cplus-dem.c in GNU libiberty, as distributed i
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453
- NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23059
+ NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23059
CVE-2018-12933 (PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to ...)
- wine <unfixed> (low)
[stretch] - wine <no-dsa> (Minor issue)
@@ -1139,7 +1139,7 @@ CVE-2018-1000559 (qutebrowser version introduced in v0.11.0 ...)
- qutebrowser 1.3.3-1
NOTE: https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7
NOTE: https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f
- NOTE: https://github.com/qutebrowser/qutebrowser/issues/4011
+ NOTE: https://github.com/qutebrowser/qutebrowser/issues/4011
CVE-2018-1000558 (OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and ...)
- ocsinventory-server 2.4.1+dfsg-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
@@ -1234,7 +1234,7 @@ CVE-2018-1000521 (BigTree-CMS contains a Cross Site Scripting (XSS) vulnerabilit
CVE-2018-1000520 (ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows ...)
- mbedtls <unfixed>
- polarssl <removed>
- NOTE: https://github.com/ARMmbed/mbedtls/issues/1561
+ NOTE: https://github.com/ARMmbed/mbedtls/issues/1561
CVE-2018-1000519 (aio-libs aiohttp-session contains a Session Fixation vulnerability in ...)
NOT-FOR-US: aio-libs aiohttp-session
CVE-2018-1000518 (aaugustin websockets version 4 contains a CWE-409: Improper Handling ...)
@@ -12863,6 +12863,7 @@ CVE-2018-8039 (It is possible to configure Apache CXF to use the com.sun.net.ssl
NOT-FOR-US: Apache CXF
CVE-2018-8038
RESERVED
+ NOT-FOR-US: Apache CXF
CVE-2018-8037
RESERVED
CVE-2018-8036 (In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/3f23fb4e6594c7bc0acbd05e307f81e631bb8dca...a72158c81ced8a8c9ddf7c7a42decf5209f56e6f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/3f23fb4e6594c7bc0acbd05e307f81e631bb8dca...a72158c81ced8a8c9ddf7c7a42decf5209f56e6f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180704/197d5145/attachment.html>
More information about the debian-security-tracker-commits
mailing list