[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Fri Jul 6 16:05:03 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84ebd62a by Moritz Muehlenhoff at 2018-07-06T17:04:31+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -39955,7 +39955,7 @@ CVE-2016-10690 (openframe-ascii-image module is an openframe plugin which adds s
 CVE-2016-10689 (The windows-iedriver module downloads fixed version of ...)
 	NOT-FOR-US: The windows-iedriver
 CVE-2016-10688 (Haxe 3 : The Cross-Platform Toolkit (a fork from David Mouton's ...)
-	TODO: check
+	NOT-FOR-US: Haxe node module, different from src:haxe
 CVE-2016-10687 (windows-selenium-chromedriver is a module that downloads the Selenium ...)
 	NOT-FOR-US: windows-selenium-chromedriver
 CVE-2016-10686 (fis-sass-all is another libsass wrapper for node. fis-sass-all ...)
@@ -39965,7 +39965,7 @@ CVE-2016-10685 (pk-app-wonderbox is an integration with wonderbox pk-app-wonderb
 CVE-2016-10684 (healthcenter - IBM Monitoring and Diagnostic Tools health Center agent ...)
 	NOT-FOR-US: IBM
 CVE-2016-10683 (arcanist downloads resources over HTTP, which leaves it vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: arcanist node module, different from src:arcanist
 CVE-2016-10682 (massif is a Phantomjs fork massif downloads resources over HTTP, which ...)
 	NOT-FOR-US: massif
 CVE-2016-10681 (roslib-socketio - The standard ROS Javascript Library fork for add ...)
@@ -40037,35 +40037,35 @@ CVE-2016-10649 (frames-compiler downloads binary resources over HTTP, which leav
 CVE-2016-10648 (marionette-socket-host is a marionette-js-runner host for sending ...)
 	NOT-FOR-US: marionette-socket-host
 CVE-2016-10647 (node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary ...)
-	TODO: check
+	NOT-FOR-US: node-air-sdk
 CVE-2016-10646 (resourcehacker is a Node wrapper of Resource Hacker (windows ...)
-	TODO: check
+	NOT-FOR-US: resourcehacker
 CVE-2016-10645 (grunt-images is a grunt plugin for processing images. grunt-images ...)
-	TODO: check
+	NOT-FOR-US: grunt-images
 CVE-2016-10644 (slimerjs-edge is a npm wrapper for installing the bleeding edge ...)
-	TODO: check
+	NOT-FOR-US: slimerjs-edge
 CVE-2016-10643 (jstestdriver is a wrapper for Google's jstestdriver. jstestdriver ...)
-	TODO: check
+	NOT-FOR-US: jstestdriver
 CVE-2016-10642 (cmake installs the cmake x86 linux binaries. cmake downloads binary ...)
-	TODO: check
+	NOT-FOR-US: cmake node intregration
 CVE-2016-10641 (node-bsdiff-android downloads resources over HTTP, which leaves it ...)
-	TODO: check
+	NOT-FOR-US: node-bsdiff-android
 CVE-2016-10640 (node-thulac is a node binding for thulac. node-thulac downloads binary ...)
-	TODO: check
+	NOT-FOR-US: node-thulac
 CVE-2016-10639 (redis-srvr is a npm wrapper for redis-server. redis-srvr downloads ...)
-	TODO: check
+	NOT-FOR-US: redis-srvr
 CVE-2016-10638 (js-given is a JavaScript frontend to jgiven. js-given downloads binary ...)
-	TODO: check
+	NOT-FOR-US: js-given
 CVE-2016-10637 (haxe-dev is a cross-platform toolkit. haxe-dev downloads binary ...)
-	TODO: check
+	NOT-FOR-US: haxe-dev, different from src:haxe
 CVE-2016-10636 (grunt-ccompiler is a Closure Compiler Grunt Plugin. grunt-ccompiler ...)
-	TODO: check
+	NOT-FOR-US: grunt-ccompiler
 CVE-2016-10635 (broccoli-closure is a Closure compiler plugin for Broccoli. ...)
-	TODO: check
+	NOT-FOR-US: broccoli-closure
 CVE-2016-10634 (scala-standalone-bin is a Binary wrapper for ScalaJS. ...)
-	TODO: check
+	NOT-FOR-US: scala-standalone-bin
 CVE-2016-10633 (dwebp-bin is a dwebp node.js wrapper that convert WebP into PNG. ...)
-	TODO: check
+	NOT-FOR-US: dwebp-bin
 CVE-2016-10632 (apk-parser2 is a module which extracts Android Manifest info from an ...)
 	NOT-FOR-US: apk-parser2
 CVE-2016-10631 (jvminstall is a module for downloading and unpacking jvm to local ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/84ebd62a2585f35669298f21b494e5c0ce97f10a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/84ebd62a2585f35669298f21b494e5c0ce97f10a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180706/dfd89b94/attachment.html>

More information about the debian-security-tracker-commits mailing list