[Git][security-tracker-team/security-tracker][master] Process NFUs

Sat Jul 7 10:50:21 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bece2e1e by Salvatore Bonaccorso at 2018-07-07T11:49:47+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -16,11 +16,11 @@ CVE-2018-13410 (** DISPUTED ** Info-ZIP Zip 3.0, when the -T and -TT command-lin
 	- zip <unfixed>
 	NOTE: http://seclists.org/fulldisclosure/2018/Jul/24
 CVE-2018-13409 (An issue was discovered in Jirafeau before 3.4.1. The "search file by ...)
-	TODO: check
+	NOT-FOR-US: Jirafeau
 CVE-2018-13408 (An issue was discovered in Jirafeau before 3.4.1. The "search file by ...)
-	TODO: check
+	NOT-FOR-US: Jirafeau
 CVE-2018-13407 (A CSRF issue was discovered in Jirafeau before 3.4.1. The "delete file" ...)
-	TODO: check
+	NOT-FOR-US: Jirafeau
 CVE-2018-13406 (An integer overflow in the uvesafb_setcmap function in ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/9f645bcc566a1e9f921bdae7528a01ced5bc3713
@@ -632,11 +632,11 @@ CVE-2018-13112 (get_l2len in common/get.c in Tcpreplay 4.3.0 beta 1 allows remot
 CVE-2018-13111
 	RESERVED
 CVE-2018-13110 (All ADB broadband gateways / routers based on the Epicentro platform ...)
-	TODO: check
+	NOT-FOR-US: ADB broadband gateways / routers
 CVE-2018-13109 (All ADB broadband gateways / routers based on the Epicentro platform ...)
-	TODO: check
+	NOT-FOR-US: ADB broadband gateways / routers
 CVE-2018-13108 (All ADB broadband gateways / routers based on the Epicentro platform ...)
-	TODO: check
+	NOT-FOR-US: ADB broadband gateways / routers
 CVE-2018-13107
 	RESERVED
 CVE-2018-13106 (ClipperCMS 1.3.3 has stored XSS via the "Tools -> Configuration" screen ...)
@@ -5859,7 +5859,7 @@ CVE-2018-11126 (dg-user/?controller=users&action=add in doorGets 7.0 has CSR
 CVE-2018-11125
 	REJECTED
 CVE-2018-11124 (Cross-site scripting (XSS) vulnerability in Attributes functionality ...)
-	TODO: check
+	NOT-FOR-US: Open-AudIT Community
 CVE-2018-11123
 	RESERVED
 CVE-2018-11122
@@ -11362,7 +11362,7 @@ CVE-2018-8931 (The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have .
 CVE-2018-8930 (The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips ...)
 	NOT-FOR-US: AMD
 CVE-2018-8929 (Improper restriction of communication channel to intended endpoints ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2018-8928 (Cross-site scripting (XSS) vulnerability in Address Book Editor in ...)
 	NOT-FOR-US: Synology
 CVE-2018-8927 (Improper authorization vulnerability in SYNO.Cal.Event in Calendar ...)
@@ -26430,7 +26430,7 @@ CVE-2017-17936 (Vanguard Marketplace Digital Products PHP has CSRF via /search. 
 CVE-2018-3609 (A vulnerability in the Trend Micro InterScan Messaging Security ...)
 	NOT-FOR-US: Trend Micro
 CVE-2018-3608 (A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2018-3607 (XXXTreeNode method SQL injection remote code execution (RCE) ...)
 	NOT-FOR-US: Trend Micro
 CVE-2018-3606 (XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL ...)
@@ -31495,7 +31495,7 @@ CVE-2018-1678
 CVE-2018-1677
 	RESERVED
 CVE-2018-1676 (IBM Planning Analytics 2.0.0 through 2.0.4 is vulnerable to cross-site ...)
-	TODO: check
+	NOT-FOR-US: IBM Planning Analytics
 CVE-2018-1675
 	RESERVED
 CVE-2018-1674
@@ -31605,7 +31605,7 @@ CVE-2018-1623
 CVE-2018-1622
 	RESERVED
 CVE-2018-1621 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2018-1620
 	RESERVED
 CVE-2018-1619
@@ -31735,9 +31735,9 @@ CVE-2018-1558
 CVE-2018-1557
 	RESERVED
 CVE-2018-1556 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: IBM FileNet Content Manager
 CVE-2018-1555 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: IBM FileNet Content Manager
 CVE-2018-1554
 	RESERVED
 CVE-2018-1553 (IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow ...)
@@ -31755,7 +31755,7 @@ CVE-2018-1548
 CVE-2018-1547 (IBM Robotic Process Automation with Automation Anywhere 10.0 could ...)
 	NOT-FOR-US: IBM
 CVE-2018-1546 (IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker ...)
-	TODO: check
+	NOT-FOR-US: IBM API Connect
 CVE-2018-1545
 	RESERVED
 CVE-2018-1544 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
@@ -31763,7 +31763,7 @@ CVE-2018-1544 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server)
 CVE-2018-1543 (IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obtain ...)
 	NOT-FOR-US: IBM
 CVE-2018-1542 (IBM FileNet Content Manager, IBM Content Foundation, and IBM Case ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1541
 	RESERVED
 CVE-2018-1540
@@ -31859,7 +31859,7 @@ CVE-2018-1496 (IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is ..
 CVE-2018-1495 (IBM FlashSystem V840 and V900 products could allow an authenticated ...)
 	NOT-FOR-US: IBM
 CVE-2018-1494 (IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1493
 	RESERVED
 CVE-2018-1492



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bece2e1ee6fc4da9cf943c5be23cce484e0b4adb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bece2e1ee6fc4da9cf943c5be23cce484e0b4adb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180707/e5b07acd/attachment.html>
