[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6d7f7eca by Salvatore Bonaccorso at 2018-07-10T21:41:57+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,29 +3,29 @@ CVE-2018-13797 [node macaddress command injection]
 	NOTE: https://github.com/scravy/node-macaddress/pull/20
 	NOTE: nodejs not covered by security support
 CVE-2018-13795 (Gravity before 0.5.1 does not support a maximum recursion depth. ...)
-	TODO: check
+	NOT-FOR-US: Gravity
 CVE-2018-13794 (A heap-based buffer overflow exists in stbi__bmp_load_cont in ...)
 	TODO: check
 CVE-2018-13793 (Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP ...)
-	TODO: check
+	NOT-FOR-US: ABBYY FlexiCapture
 CVE-2018-13792
 	RESERVED
 CVE-2018-13791 (The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows ...)
-	TODO: check
+	NOT-FOR-US: ABBYY FlexiCapture
 CVE-2018-13790 (A Server Side Request Forgery (SSRF) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: concrete5
 CVE-2018-13789
 	RESERVED
 CVE-2018-13788
 	RESERVED
 CVE-2018-1000623 (JFrog JFrog Artifactory version Prior to version 6.0.3, since version ...)
-	TODO: check
+	NOT-FOR-US: JFrog JFrog Artifactory
 CVE-2018-1000621 (Mycroft AI mycroft-core version 18.2.8b and earlier contains a ...)
-	TODO: check
+	NOT-FOR-US: Mycroft AI mycroft-core
 CVE-2018-1000620 (Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331: ...)
-	TODO: check
+	NOT-FOR-US: Eran Hammer cryptiles
 CVE-2018-1000619 (Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input ...)
-	TODO: check
+	NOT-FOR-US: Ovidentia
 CVE-2018-1000618 (EOSIO/eos eos version after commit ...)
 	TODO: check
 CVE-2018-1000617 (Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d7f7ecaecc2cd2001eef9d479c8632a4d5aaabe

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d7f7ecaecc2cd2001eef9d479c8632a4d5aaabe
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180710/edaf73f5/attachment.html>