[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Jul 11 20:56:04 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
abf6e23d by Salvatore Bonaccorso at 2018-07-11T21:55:42+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -27,7 +27,7 @@ CVE-2018-13867 (An issue was discovered in the HDF HDF5 1.8.20 library. There is
 CVE-2018-13866 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
 	TODO: check
 CVE-2018-13865 (An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the ...)
-	TODO: check
+	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-13864
 	RESERVED
 CVE-2018-13862
@@ -1047,9 +1047,9 @@ CVE-2018-13391
 CVE-2018-13390
 	RESERVED
 CVE-2018-13389 (The attachment resource in Atlassian Confluence before version 6.6.1 ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Confluence
 CVE-2018-13388 (The review attachment resource in Atlassian Fisheye and Crucible ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Fisheye and Crucible
 CVE-2018-13387
 	RESERVED
 CVE-2018-13386
@@ -3314,9 +3314,9 @@ CVE-2018-12464 (A SQL injection vulnerability in the web administration and quar
 CVE-2018-12463
 	RESERVED
 CVE-2018-12462 (NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities. ...)
-	TODO: check
+	NOT-FOR-US: NetIQ iManager
 CVE-2018-12461 (Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking ...)
-	TODO: check
+	NOT-FOR-US: NetIQ eDirectory
 CVE-2018-12460 (libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the ...)
 	[experimental] - ffmpeg 7:4.0.1-1 (low)
 	- ffmpeg <not-affected> (Introduced after 3.4)
@@ -4018,7 +4018,7 @@ CVE-2018-12234
 CVE-2018-12231
 	RESERVED
 CVE-2018-12230 (An wrong logical check identified in the transferFrom function of a ...)
-	TODO: check
+	NOT-FOR-US: smart contract implementation for RemiCoin (RMC)
 CVE-2018-12229 (Cross-site scripting (XSS) vulnerability in Public Knowledge Project ...)
 	NOT-FOR-US: Public Knowledge Project (PKP) Open Journal System (OJS)
 CVE-2017-18291 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
@@ -5964,7 +5964,7 @@ CVE-2018-11452
 CVE-2018-11451
 	RESERVED
 CVE-2018-11450 (A reflected Cross-Site-Scripting (XSS) vulnerability has been ...)
-	TODO: check
+	NOT-FOR-US: Siemens PLM Software TEAMCENTER
 CVE-2018-11449 (A vulnerability has been identified in SCALANCE M875 (All versions). ...)
 	NOT-FOR-US: SCALANCE
 CVE-2018-11448 (A vulnerability has been identified in SCALANCE M875 (All versions). ...)
@@ -7312,7 +7312,7 @@ CVE-2018-10945 (The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows
 CVE-2018-10944 (The request_dividend function of a smart contract implementation for ...)
 	NOT-FOR-US: Rasputin Online Coin
 CVE-2018-10943 (An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base ...)
-	TODO: check
+	NOT-FOR-US: Barco ClickShare CSE-200 and CS-100 Base Units
 CVE-2018-10942 (modules/attributewizardpro/file_upload.php in the Attribute Wizard ...)
 	NOT-FOR-US: Attribute Wizard addon for PrestaShop
 CVE-2018-10941
@@ -10085,7 +10085,7 @@ CVE-2018-9855
 CVE-2018-9854
 	RESERVED
 CVE-2018-9853 (Insecure access control in freeSSHd version 1.3.1 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: freeSSHd
 CVE-2018-9852 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows ...)
 	NOT-FOR-US: Gxlcms QY
 CVE-2018-9851 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/abf6e23d180ecd3118526a00bdbfa1967c5e2d96

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/abf6e23d180ecd3118526a00bdbfa1967c5e2d96
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180711/cc4ce14d/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list