[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Jul 23 21:36:24 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d6068bff by Salvatore Bonaccorso at 2018-07-23T22:36:03+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -40,9 +40,9 @@ CVE-2018-1999010 (FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 
 	- libav <undetermined>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e
 CVE-2018-1999009 (October CMS version prior to Build 437 contains a Local File Inclusion ...)
-	TODO: check
+	NOT-FOR-US: October CMS
 CVE-2018-1999008 (October CMS version prior to build 437 contains a Cross Site Scripting ...)
-	TODO: check
+	NOT-FOR-US: October CMS
 CVE-2018-14568
 	RESERVED
 CVE-2018-14567
@@ -50,13 +50,13 @@ CVE-2018-14567
 CVE-2018-14566
 	RESERVED
 CVE-2018-14565 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. A ...)
-	TODO: check
+	NOT-FOR-US: THULAC
 CVE-2018-14564 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. A ...)
-	TODO: check
+	NOT-FOR-US: THULAC
 CVE-2018-14563 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. ...)
-	TODO: check
+	NOT-FOR-US: THULAC
 CVE-2018-14562 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. A ...)
-	TODO: check
+	NOT-FOR-US: THULAC
 CVE-2018-14561
 	RESERVED
 CVE-2018-14560
@@ -84,7 +84,7 @@ CVE-2018-14551 (The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8
 CVE-2018-14550
 	RESERVED
 CVE-2018-14549 (An issue has been found in libwav through 2017-04-20. It is a SEGV in ...)
-	TODO: check
+	NOT-FOR-US: libwav
 CVE-2018-14548
 	RESERVED
 CVE-2018-14547
@@ -92,11 +92,11 @@ CVE-2018-14547
 CVE-2018-14546
 	RESERVED
 CVE-2018-14545 (There exists one invalid memory read bug in ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2018-14544 (There exists one invalid memory read bug in ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2018-14543 (There exists one NULL pointer dereference vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2018-14542
 	RESERVED
 CVE-2018-14541
@@ -118,9 +118,9 @@ CVE-2018-14534
 CVE-2018-14533
 	RESERVED
 CVE-2018-14532 (An issue was discovered in Bento4 1.5.1-624. There is a heap-based ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2018-14531 (An issue was discovered in Bento4 1.5.1-624. There is an unspecified ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2018-14530
 	RESERVED
 CVE-2018-14529
@@ -128,7 +128,7 @@ CVE-2018-14529
 CVE-2018-14528
 	RESERVED
 CVE-2018-14527 (Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection ...)
-	TODO: check
+	NOT-FOR-US: Xiao5uCompany
 CVE-2018-14526
 	RESERVED
 CVE-2018-14525
@@ -148,17 +148,17 @@ CVE-2018-14519
 CVE-2018-14518
 	RESERVED
 CVE-2018-14517 (SeaCMS 6.61 has two XSS issues in the admin_config.php file via certain ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2018-14516
 	RESERVED
 CVE-2018-14515 (A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote ...)
-	TODO: check
+	NOT-FOR-US: WUZHI CMS
 CVE-2018-14514 (An SSRF vulnerability was discovered in idreamsoft iCMS V7.0.9 that ...)
-	TODO: check
+	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-14513 (An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is ...)
-	TODO: check
+	NOT-FOR-US: WUZHI CMS
 CVE-2018-14512 (An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is ...)
-	TODO: check
+	NOT-FOR-US: WUZHI CMS
 CVE-2018-14511
 	RESERVED
 CVE-2018-14510
@@ -20465,7 +20465,7 @@ CVE-2018-6685
 CVE-2018-6684
 	RESERVED
 CVE-2018-6683 (Exploiting Incorrectly Configured Access Control Security Levels ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2018-6682
 	RESERVED
 CVE-2018-6681 (Abuse of Functionality vulnerability in the web interface in McAfee ...)
@@ -20475,9 +20475,9 @@ CVE-2018-6680
 CVE-2018-6679
 	RESERVED
 CVE-2018-6678 (Configuration/Environment manipulation vulnerability in the ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2018-6677 (Directory Traversal vulnerability in the administrative user interface ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2018-6676
 	RESERVED
 CVE-2018-6675
@@ -34752,7 +34752,7 @@ CVE-2018-1515 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server)
 CVE-2018-1514 (IBM Robotic Process Automation with Automation Anywhere 10.0 is ...)
 	NOT-FOR-US: IBM
 CVE-2018-1513 (IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1512
 	RESERVED
 CVE-2018-1511
@@ -34772,7 +34772,7 @@ CVE-2018-1505
 CVE-2018-1504
 	RESERVED
 CVE-2018-1503 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1502 (IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 ...)
 	NOT-FOR-US: IBM
 CVE-2018-1501



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d6068bff70e51f74aab9e9c0ac472c9713a10ead

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d6068bff70e51f74aab9e9c0ac472c9713a10ead
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180723/29cc65f6/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list