[Git][security-tracker-team/security-tracker][master] 2 commits: NFUs

Moritz Muehlenhoff jmm at debian.org
Mon Jun 25 16:08:33 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4ad7903d by Moritz Muehlenhoff at 2018-06-25T17:07:20+02:00
NFUs

- - - - -
7bfeb3fe by Moritz Muehlenhoff at 2018-06-25T17:08:13+02:00
Merge branch 'master' of https://salsa.debian.org/security-tracker-team/security-tracker

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -208,7 +208,7 @@ CVE-2018-12641 (An issue was discovered in arm_pt in cplus-dem.c in GNU libibert
 	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85452
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23058
 CVE-2018-12640 (The webService binary on Insteon HD IP Camera White 2864-222 devices ...)
-	TODO: check
+	NOT-FOR-US: Insteon
 CVE-2018-12639
 	RESERVED
 CVE-2018-12638
@@ -3007,7 +3007,7 @@ CVE-2018-11562 (An issue was discovered in MISP 2.4.91. A vulnerability in ...)
 CVE-2018-11561
 	RESERVED
 CVE-2018-11560 (The webService binary on Insteon HD IP Camera White 2864-222 devices ...)
-	TODO: check
+	NOT-FOR-US: Insteon
 CVE-2018-11559 (DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" ...)
 	NOT-FOR-US: DomainMod
 CVE-2018-11558 (DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" ...)
@@ -16335,7 +16335,7 @@ CVE-2018-6565
 CVE-2018-6564
 	RESERVED
 CVE-2018-6563 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: totemomail Encryption Gateway
 CVE-2018-6562 (totemomail Encryption Gateway before 6.0_b567 allows remote attackers ...)
 	NOT-FOR-US: totemomail Encryption Gateway
 CVE-2018-6561 (dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute ...)
@@ -18707,25 +18707,25 @@ CVE-2018-5865
 CVE-2018-5864
 	RESERVED
 CVE-2018-5863 (If userspace provides a too-large WPA RSN IE length in ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-5862
 	RESERVED
 CVE-2018-5861
 	RESERVED
 CVE-2018-5860 (In the MDSS driver in all Android releases(Android for MSM, Firefox OS ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-5859
 	RESERVED
 CVE-2018-5858
 	RESERVED
 CVE-2018-5857 (In the WCD CPE codec, a Use After Free condition can occur in all ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-5856
 	RESERVED
 CVE-2018-5855
 	RESERVED
 CVE-2018-5854 (A stack-based buffer overflow can occur in fastboot from all Android ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-5853
 	RESERVED
 	NOT-FOR-US: Qualcomm components for Android
@@ -19844,11 +19844,11 @@ CVE-2018-5436
 CVE-2018-5435
 	RESERVED
 CVE-2018-5434 (The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime ...)
-	TODO: check
+	NOT-FOR-US: TIBCO Runtime Agent
 CVE-2018-5433 (The TIBCO Administrator server component of TIBCO Software Inc.'s ...)
-	TODO: check
+	NOT-FOR-US: TIBCO Administrator
 CVE-2018-5432 (The TIBCO Administrator server component of of TIBCO Software Inc.'s ...)
-	TODO: check
+	NOT-FOR-US: TIBCO Administrator
 CVE-2018-5431 (The domain designer component of TIBCO Software Inc.'s TIBCO ...)
 	- jasperreports <undetermined>
 	[jessie] - jasperreports <end-of-life> (not supported in Jessie)
@@ -19865,7 +19865,7 @@ CVE-2018-5429 (A vulnerability in the report scripting component of TIBCO Softwa
 	[wheezy] - jasperreports <end-of-life> (not supported in Wheezy)
 	NOTE: https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5429
 CVE-2018-5428 (The version control adapters component of TIBCO Data Virtualization ...)
-	TODO: check
+	NOT-FOR-US: TIBCO Data Virtualization
 CVE-2018-5427
 	RESERVED
 CVE-2018-5426
@@ -21638,7 +21638,7 @@ CVE-2018-4835 (A vulnerability has been identified in TeleControl Server Basic &
 CVE-2018-4834 (A vulnerability has been identified in Desigo Automation Controllers ...)
 	NOT-FOR-US: Desigo
 CVE-2018-4833 (A vulnerability has been identified in RFID 181-EIP (All versions), ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2018-4832 (A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All ...)
 	NOT-FOR-US: Siemens
 CVE-2018-4831



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/501ec23cf6e4b0066728e2290dcca4ed2831d053...7bfeb3fe0f40be433ad123a062577eb602303654

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/501ec23cf6e4b0066728e2290dcca4ed2831d053...7bfeb3fe0f40be433ad123a062577eb602303654
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180625/6701a8ef/attachment.html>

More information about the debian-security-tracker-commits mailing list