[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
724d27d0 by Salvatore Bonaccorso at 2018-06-05T08:05:49+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2771,15 +2771,15 @@ CVE-2018-10617
 CVE-2018-10616
 	RESERVED
 CVE-2018-10615 (Directory traversal may lead to files being exfiltrated or deleted on ...)
-	TODO: check
+	NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
 CVE-2018-10614
 	RESERVED
 CVE-2018-10613 (Multiple variants of XML External Entity (XXE) attacks may be used to ...)
-	TODO: check
+	NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
 CVE-2018-10612
 	RESERVED
 CVE-2018-10611 (Java remote method invocation (RMI) input port in GE MDS PulseNET and ...)
-	TODO: check
+	NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
 CVE-2018-10610
 	RESERVED
 CVE-2018-10609
@@ -27159,7 +27159,7 @@ CVE-2018-1602
 CVE-2018-1601
 	RESERVED
 CVE-2018-1600 (IBM BigFix Platform 9.2 and 9.5 transmits sensitive or ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1599
 	RESERVED
 CVE-2018-1598
@@ -35532,7 +35532,7 @@ CVE-2016-10686 (fis-sass-all is another libsass wrapper for node. fis-sass-all .
 CVE-2016-10685 (pk-app-wonderbox is an integration with wonderbox pk-app-wonderbox ...)
 	TODO: check
 CVE-2016-10684 (healthcenter - IBM Monitoring and Diagnostic Tools health Center agent ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-10683 (arcanist downloads resources over HTTP, which leaves it vulnerable to ...)
 	TODO: check
 CVE-2016-10682 (massif is a Phantomjs fork massif downloads resources over HTTP, which ...)
@@ -79066,7 +79066,7 @@ CVE-2017-1750 (IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 throug
 CVE-2017-1749
 	RESERVED
 CVE-2017-1748 (IBM Connections 5.0, 5.5, and 6.0 could allow a remote attacker to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1747 (A specially crafted message could cause a denial of service in IBM ...)
 	NOT-FOR-US: IBM
 CVE-2017-1746 (IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/724d27d0ace678316779d46bf298d8133a6dc043

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/724d27d0ace678316779d46bf298d8133a6dc043
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180605/4aa708d4/attachment.html>