[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Jun 2 16:45:47 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
51920883 by Salvatore Bonaccorso at 2018-06-02T17:45:21+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -243,7 +243,7 @@ CVE-2018-11565 (Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 b
 	- mahara <removed>
 	NOTE: https://bugs.launchpad.net/mahara/+bug/1772774
 CVE-2018-11564 (Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to ...)
-	TODO: check
+	NOT-FOR-US: Pagekit CMS
 CVE-2018-11563
 	RESERVED
 CVE-2018-11562 (An issue was discovered in MISP 2.4.91. A vulnerability in ...)
@@ -355,7 +355,7 @@ CVE-2018-11524
 CVE-2018-11523 (upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such ...)
 	NOT-FOR-US: NUUO NVRmini
 CVE-2018-11522 (Yosoro 1.0.4 has stored XSS. ...)
-	TODO: check
+	NOT-FOR-US: Yosoro
 CVE-2018-11521
 	RESERVED
 CVE-2018-11520
@@ -9077,7 +9077,7 @@ CVE-2018-7978
 CVE-2018-7977
 	RESERVED
 CVE-2018-7976 (There is a stored cross-site scripting (XSS) vulnerability in Huawei ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2018-7975
 	RESERVED
 CVE-2018-7974
@@ -9127,11 +9127,11 @@ CVE-2018-7953
 CVE-2018-7952
 	RESERVED
 CVE-2018-7951 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2018-7950 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2018-7949 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2018-7948
 	RESERVED
 CVE-2018-7947
@@ -10423,7 +10423,7 @@ CVE-2018-7536 (An issue was discovered in Django 2.0 before 2.0.3, 1.11 before .
 CVE-2018-7535
 	RESERVED
 CVE-2018-7534 (In Stealth Authorization Server before 3.3.017.0 in Unisys Stealth ...)
-	TODO: check
+	NOT-FOR-US: Stealth Authorization Server
 CVE-2018-7533 (An Incorrect Default Permissions issue was discovered in OSIsoft PI ...)
 	NOT-FOR-US: OSIsoft PI
 CVE-2018-7532 (Unauthentication vulnerabilities have been identified in Geutebruck ...)
@@ -16767,17 +16767,17 @@ CVE-2018-5528
 CVE-2018-5527
 	RESERVED
 CVE-2018-5526 (Under certain conditions, on F5 BIG-IP ASM 13.1.0-13.1.0.5, Behavioral ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5525 (A local file vulnerability exists in the F5 BIG-IP Configuration ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5524 (Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5523 (On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5522 (On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5521 (On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5520 (On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5519 (On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, ...)
@@ -16793,7 +16793,7 @@ CVE-2018-5515 (On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication respons
 CVE-2018-5514 (On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5513 (On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5512 (On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5511 (On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated ...)
@@ -21252,7 +21252,7 @@ CVE-2017-17971 (The test_sql_and_script_inject function in htdocs/main.inc.php i
 	[jessie] - dolibarr <no-dsa> (Minor issue)
 	NOTE: https://github.com/Dolibarr/dolibarr/issues/8000
 CVE-2018-3809 (Information exposure through directory listings in serve 6.5.3 allows ...)
-	TODO: check
+	NOT-FOR-US: serve nodejs module
 CVE-2018-3808
 	RESERVED
 CVE-2018-3807



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/51920883f997ad7f83289b9c354844b724811ce7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/51920883f997ad7f83289b9c354844b724811ce7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180602/5516486c/attachment.html>

More information about the debian-security-tracker-commits mailing list