[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Jul 4 21:33:30 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ad0f0bbc by Moritz Muehlenhoff at 2018-07-04T22:33:14+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4740,7 +4740,7 @@ CVE-2018-11337
 CVE-2018-11336
 	RESERVED
 CVE-2018-11335 (GVToken Genesis Vision (GVT) is a smart contract running on Ethereum. ...)
-	TODO: check
+	NOT-FOR-US: smart contract
 CVE-2018-11334 (Windscribe 1.81 creates a named pipe with a NULL DACL that allows ...)
 	NOT-FOR-US: Windscribe
 CVE-2018-11333
@@ -4786,11 +4786,11 @@ CVE-2018-11318
 CVE-2018-11317
 	RESERVED
 CVE-2018-11316 (The UPnP HTTP server on Sonos wireless speaker products allow ...)
-	TODO: check
+	NOT-FOR-US: Sonos
 CVE-2018-11315 (The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below ...)
 	NOT-FOR-US: Radio Thermostat CT50 and CT80
 CVE-2018-11314 (The External Control API in Roku and Roku TV products allow ...)
-	TODO: check
+	NOT-FOR-US: Roku
 CVE-2018-11313
 	RESERVED
 CVE-2018-11312
@@ -5461,7 +5461,7 @@ CVE-2018-11053 (Dell EMC iDRAC Service Module for all supported Linux and XenSer
 CVE-2018-11052 (Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication ...)
 	NOT-FOR-US: EMC
 CVE-2018-11051 (RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 ...)
-	TODO: check
+	NOT-FOR-US: RSA Certificate Manager
 CVE-2018-11050
 	RESERVED
 CVE-2018-11049
@@ -6620,7 +6620,7 @@ CVE-2018-10598
 CVE-2018-10597 (IntelliVue Patient Monitors MP Series (including ...)
 	NOT-FOR-US: Philips
 CVE-2018-10596 (Medtronic 2090 CareLink Programmer all versions The affected product ...)
-	TODO: check
+	NOT-FOR-US: Medtronic
 CVE-2018-10595 (A vulnerability in ReadA version 1.1.0.2 and previous allows an ...)
 	NOT-FOR-US: BD Kiestra and InoqulA systems
 CVE-2018-10594 (Delta Industrial Automation COMMGR from Delta Electronics versions ...)
@@ -7975,9 +7975,9 @@ CVE-2018-10078 (Cross-site scripting (XSS) vulnerability in Geist WatchDog Conso
 CVE-2018-10077 (XML external entity (XXE) vulnerability in Geist WatchDog Console ...)
 	NOT-FOR-US: Geist WatchDog Console
 CVE-2018-10076 (An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. ...)
-	TODO: check
+	NOT-FOR-US: Zoho
 CVE-2018-10075 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine EventLog ...)
-	TODO: check
+	NOT-FOR-US: Zoho
 CVE-2018-10073 (joyplus-cms 1.6.0 has XSS in manager/admin_vod.php via the keyword ...)
 	NOT-FOR-US: joyplus-cms
 CVE-2018-10072 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...)
@@ -9617,14 +9617,14 @@ CVE-2018-9339
 CVE-2018-9338
 	RESERVED
 CVE-2018-9337 (The PAN-OS web interface administration page in PAN-OS 6.1.20 and ...)
-	TODO: check
+	NOT-FOR-US: PAN-OS
 CVE-2018-9336 (openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x ...)
 	- openvpn <not-affected> (Windows specific issue)
 	NOTE: https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b
 CVE-2018-9335 (The PAN-OS session browser in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 ...)
-	TODO: check
+	NOT-FOR-US: PAN-OS
 CVE-2018-9334 (The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: PAN-OS
 CVE-2018-9333
 	RESERVED
 CVE-2018-9332
@@ -9786,7 +9786,7 @@ CVE-2018-9278
 CVE-2018-9277
 	RESERVED
 CVE-2018-9276 (An issue was discovered in PRTG Network Monitor before 18.2.39. An ...)
-	TODO: check
+	NOT-FOR-US: PRTG Network Monitor
 CVE-2018-9275 (In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) ...)
 	- yubico-pam <unfixed> (bug #896491)
 	[stretch] - yubico-pam <no-dsa> (Minor issue)
@@ -10955,11 +10955,11 @@ CVE-2018-8872 (In Schneider Electric Triconex Tricon MP model 3008 firmware vers
 CVE-2018-8871 (In Delta Electronics Automation TPEditor version 1.89 or prior, ...)
 	NOT-FOR-US: Delta Electronics Automation TPEditor
 CVE-2018-8870 (Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all ...)
-	TODO: check
+	NOT-FOR-US: Medtronic
 CVE-2018-8869 (In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for ...)
 	NOT-FOR-US: Lantech
 CVE-2018-8868 (Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all ...)
-	TODO: check
+	NOT-FOR-US: Medtronic
 CVE-2018-8867 (In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 ...)
 	NOT-FOR-US: GE PACSystems
 CVE-2018-8866 (In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ad0f0bbc1067ee3a72f97ddd732ea4a8eae6edbb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ad0f0bbc1067ee3a72f97ddd732ea4a8eae6edbb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180704/4283f0a1/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list