[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Mar 1 22:07:38 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
89251bcd by Salvatore Bonaccorso at 2018-03-01T23:07:12+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -33,7 +33,7 @@ CVE-2017-18209 (In the GetOpenCLCachedFilesDirectory function in magick/opencl.c
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6ac2858a87df6d645813e43928b4f01a3169ad3f
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/cca91aa1861818342e3d072bb0fad7dc4ffac24a
 CVE-2018-7579 (\application\admin\controller\update_urls.class.php in YzmCMS 3.6 has ...)
-	TODO: check
+	NOT-FOR-US: YzmCMS
 CVE-2018-7578
 	RESERVED
 CVE-2018-7577
@@ -45,7 +45,7 @@ CVE-2018-7575
 CVE-2018-7574
 	RESERVED
 CVE-2018-7573 (An issue was discovered in FTPShell Client 6.7. A remote FTP server can ...)
-	TODO: check
+	NOT-FOR-US: FTPShell Client
 CVE-2018-7572
 	RESERVED
 CVE-2018-7571
@@ -113,7 +113,7 @@ CVE-2018-7563
 CVE-2018-7562
 	RESERVED
 CVE-2018-7561 (Stack-based Buffer Overflow in httpd on Tenda AC9 devices ...)
-	TODO: check
+	NOT-FOR-US: Tenda AC9 devices
 CVE-2018-7560
 	RESERVED
 CVE-2018-7559
@@ -1679,11 +1679,11 @@ CVE-2017-18189 (In the startread function in xa.c in Sound eXchange (SoX) throug
 	[jessie] - sox <no-dsa> (Minor issue)
 	NOTE: https://public-inbox.org/sox-devel/20171109114554.16297-1-mans@mansr.com/raw
 CVE-2018-7049 (An issue was discovered in Wowza Streaming Engine before 4.7.1. There ...)
-	TODO: check
+	NOT-FOR-US: Wowza Streaming Engine
 CVE-2018-7048 (An issue was discovered in Wowza Streaming Engine before 4.7.1. There ...)
-	TODO: check
+	NOT-FOR-US: Wowza Streaming Engine
 CVE-2018-7047 (An issue was discovered in the MBeans Server in Wowza Streaming Engine ...)
-	TODO: check
+	NOT-FOR-US: Wowza Streaming Engine
 CVE-2018-7046 (** DISPUTED ** Arbitrary code execution vulnerability in Kentico 9 ...)
 	NOT-FOR-US: Kentico
 CVE-2018-7045
@@ -5951,9 +5951,9 @@ CVE-2018-5503
 CVE-2018-5502
 	RESERVED
 CVE-2018-5501 (In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5500 (On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5499
 	RESERVED
 CVE-2018-5498
@@ -6418,7 +6418,7 @@ CVE-2018-5316 (The "SagePay Server Gateway for WooCommerce" plugin bef
 CVE-2018-5315 (The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL ...)
 	NOT-FOR-US: Wachipi WP Events Calendar plugin for WordPress
 CVE-2018-5314 (Command injection vulnerability in Citrix NetScaler ADC and NetScaler ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2017-1000465 (Sulu-standard version 1.6.6 is vulnerable to stored cross-site ...)
 	NOT-FOR-US: Sulu-standard
 CVE-2017-1000429 (rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file ...)
@@ -13936,7 +13936,7 @@ CVE-2018-2382 (A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EX
 CVE-2018-2381 (SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, ...)
 	NOT-FOR-US: SAP ERP Financials Information System
 CVE-2018-2380 (SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to ...)
-	TODO: check
+	NOT-FOR-US: SAP CRM
 CVE-2018-2379 (In SAP HANA Extended Application Services, 1.0, an unauthenticated ...)
 	NOT-FOR-US: SAP HANA Extended Application Services
 CVE-2018-2378 (In SAP HANA Extended Application Services, 1.0, unauthorized users can ...)
@@ -13960,13 +13960,13 @@ CVE-2018-2370 (Server Side Request Forgery (SSRF) vulnerability in SAP Central .
 CVE-2018-2369 (Under certain conditions SAP HANA, 1.00, 2.00, allows an ...)
 	NOT-FOR-US: SAP HANA
 CVE-2018-2368 (SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, ...)
-	TODO: check
+	NOT-FOR-US: SAP NetWeaver System Landscape Directory
 CVE-2018-2367 (ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to ...)
-	TODO: check
+	NOT-FOR-US: SAP BASIS
 CVE-2018-2366
 	RESERVED
 CVE-2018-2365 (SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not ...)
-	TODO: check
+	NOT-FOR-US: SAP NetWeaver Portal
 CVE-2018-2364 (SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND ...)
 	NOT-FOR-US: SAP
 CVE-2018-2363 (SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/89251bcda35687799762c9b2c4c470aa7912f6da

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/89251bcda35687799762c9b2c4c470aa7912f6da
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180301/3bebf95b/attachment-0001.html>

More information about the Secure-testing-commits mailing list