[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Sat Mar 3 09:25:38 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f9aafce9 by Salvatore Bonaccorso at 2018-03-03T10:25:14+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -652,7 +652,7 @@ CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-
CVE-2018-7434 (zzcms 8.2 allows remote attackers to discover the full path via a ...)
NOT-FOR-US: zzcms
CVE-2018-7433 (The iThemes Security plugin before 6.9.1 for WordPress does not ...)
- TODO: check
+ NOT-FOR-US: iThemes Security plugin for WordPress
CVE-2018-7432
RESERVED
CVE-2018-7431
@@ -3445,7 +3445,7 @@ CVE-2018-6492
CVE-2018-6491
RESERVED
CVE-2018-6490 (Denial of Service vulnerability in Micro Focus Operations ...)
- TODO: check
+ NOT-FOR-US: Micro Focus Operations Orchestration Software
CVE-2018-6489 (XML External Entity (XXE) vulnerability in Micro Focus Project and ...)
NOT-FOR-US: Micro Focus Project and Portfolio Management Center
CVE-2018-6488 (Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, ...)
@@ -16166,7 +16166,7 @@ CVE-2018-1375
CVE-2018-1374
RESERVED
CVE-2018-1373 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an ...)
- TODO: check
+ NOT-FOR-US: IBM Security Guardium Big Data Intelligence
CVE-2018-1372 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not ...)
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
CVE-2018-1371
@@ -17404,9 +17404,9 @@ CVE-2018-1172
CVE-2018-1171
RESERVED
CVE-2018-1170 (This vulnerability allows adjacent attackers to inject arbitrary ...)
- TODO: check
+ NOT-FOR-US: Volkswagen Customer-Link App and HTC Customer-Link Bridge
CVE-2018-1169 (This vulnerability allows remote attackers to execute arbitrary code ...)
- TODO: check
+ NOT-FOR-US: Amazon Music Player
CVE-2018-1168 (This vulnerability allows local attackers to escalate privileges on ...)
NOT-FOR-US: ABB MicroSCADA
CVE-2018-1167
@@ -43390,7 +43390,7 @@ CVE-2017-9461 (smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial o
NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=10c3e3923022485c720f322ca4f0aca5d7501310
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=12572
CVE-2017-9447 (In the web interface of Parallels Remote Application Server (RAS) 15.5 ...)
- TODO: check
+ NOT-FOR-US: Parallels Remote Application Server
CVE-2017-9446
RESERVED
CVE-2017-9445 (In systemd through 233, certain sizes passed to dns_packet_new in ...)
@@ -44074,7 +44074,7 @@ CVE-2017-9289 (Bram Korsten Note through 1.2.0 is vulnerable to a reflected XSS
CVE-2017-9288 (The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-9286 (The packaging of NextCloud in openSUSE used /srv/www/htdocs in an ...)
- TODO: check
+ NOT-FOR-US: OpenSUSE specific packaging issue of NextCloud
CVE-2017-9285 (NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions ...)
TODO: check
CVE-2017-9284
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f9aafce95043d585c9b51e09509c12e551af5ddc
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f9aafce95043d585c9b51e09509c12e551af5ddc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180303/a932faf6/attachment.html>
More information about the Secure-testing-commits
mailing list