[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Jul 12 22:16:23 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
00a3dfb4 by Salvatore Bonaccorso at 2018-07-12T23:16:00+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15,7 +15,7 @@ CVE-2018-14008
 CVE-2018-14007
 	RESERVED
 CVE-2018-14006 (An integer overflow vulnerability exists in the function ...)
-	TODO: check
+	NOT-FOR-US: Neo Genesis Token (NGT)
 CVE-2018-14005 (An integer overflow vulnerability exists in the function transferAny of ...)
 	NOT-FOR-US: Malaysia coins (Xmc)
 CVE-2018-14004 (An integer overflow vulnerability exists in the function ...)
@@ -33,9 +33,9 @@ CVE-2018-13999 (Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html ...
 CVE-2018-13998 (ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security ...)
 	NOT-FOR-US: ClipperCMS
 CVE-2018-13997 (Genann through 2018-07-08 has a SEGV in genann_run in genann.c. ...)
-	TODO: check
+	NOT-FOR-US: Genann
 CVE-2018-13996 (Genann through 2018-07-08 has a stack-based buffer over-read in ...)
-	TODO: check
+	NOT-FOR-US: Genann
 CVE-2018-13995
 	RESERVED
 CVE-2018-13994
@@ -376,7 +376,7 @@ CVE-2018-13838
 CVE-2018-13837
 	RESERVED
 CVE-2018-13836 (An integer overflow vulnerability exists in the function multiTransfer ...)
-	TODO: check
+	NOT-FOR-US: Rocket Coin (XRC)
 CVE-2018-13835
 	RESERVED
 CVE-2018-13834
@@ -490,7 +490,7 @@ CVE-2018-1000620 (Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331
 CVE-2018-1000619 (Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input ...)
 	NOT-FOR-US: Ovidentia
 CVE-2018-1000618 (EOSIO/eos eos version after commit ...)
-	TODO: check
+	NOT-FOR-US: EOSIO/eos
 CVE-2018-1000617 (Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and ...)
 	NOT-FOR-US: Atlassian Floodlight Atlassian Floodlight Controller
 CVE-2018-1000616 (ONOS ONOS controller version 1.13.1 and earlier contains a XML ...)
@@ -504,12 +504,12 @@ CVE-2018-1000613 (Legion of the Bouncy Castle Legion of the Bouncy Castle Java .
 	NOTE: https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574
 	NOTE: https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc
 CVE-2018-1000611 (SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross ...)
-	TODO: check
+	NOT-FOR-US: SURFnet OpenConext EngineBlock
 CVE-2018-1000622 (The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 ...)
 	- rustc <unfixed>
 	NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/4ybxYLTtXuM
 CVE-2018-13787 (Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and ...)
-	TODO: check
+	NOT-FOR-US: Supermicro
 CVE-2018-13786
 	RESERVED
 CVE-2018-13785 (In libpng 1.6.34, a wrong calculation of row_factor in the ...)
@@ -2214,11 +2214,11 @@ CVE-2018-12982 (Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() fun
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1595689
 	NOTE: https://sourceforge.net/p/podofo/tickets/22
 CVE-2018-12981 (An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 ...)
-	TODO: check
+	NOT-FOR-US: WAGO e!DISPLAY devices
 CVE-2018-12980 (An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 ...)
-	TODO: check
+	NOT-FOR-US: WAGO e!DISPLAY devices
 CVE-2018-12979 (An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 ...)
-	TODO: check
+	NOT-FOR-US: WAGO e!DISPLAY devices
 CVE-2018-12978
 	RESERVED
 CVE-2018-12977 (A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/00a3dfb46bcb415cfb33d55e766a8314854b23b5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/00a3dfb46bcb415cfb33d55e766a8314854b23b5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180712/d2221dfc/attachment.html>


More information about the debian-security-tracker-commits mailing list