[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Mar 14 21:18:55 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9f322a8b by Salvatore Bonaccorso at 2018-03-14T22:18:26+01:00
Process NFUs
- - - - -
5ef4d6ae by Salvatore Bonaccorso at 2018-03-14T22:18:27+01:00
Add new webmin issue
- - - - -
96d98e94 by Salvatore Bonaccorso at 2018-03-14T22:18:27+01:00
Add CVE-2018-1000132/mercurial
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,19 +1,19 @@
CVE-2018-8717 (joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator ...)
- TODO: check
+ NOT-FOR-US: joyplus-cms
CVE-2018-8716
RESERVED
CVE-2018-8715 (The Embedthis HTTP library, and Appweb versions before 7.0.3, have a ...)
- TODO: check
+ NOT-FOR-US: Embedthis HTTP library / Appweb
CVE-2018-8714
RESERVED
CVE-2018-8713
RESERVED
CVE-2018-8712 (An issue was discovered in Webmin 1.840 and 1.880 when the default Yes ...)
- TODO: check
+ - webmin <removed>
CVE-2018-8711 (A local file inclusion issue was discovered in the WooCommerce Products ...)
- TODO: check
+ NOT-FOR-US: WooCommerce Products Filter (aka WOOF) plugin for WordPress
CVE-2018-8710 (A remote code execution issue was discovered in the WooCommerce ...)
- TODO: check
+ NOT-FOR-US: WooCommerce Products Filter (aka WOOF) plugin for WordPress
CVE-2018-8709
RESERVED
CVE-2018-8708
@@ -1215,7 +1215,8 @@ CVE-2018-8111
CVE-2018-8110
RESERVED
CVE-2018-1000132 (Mercurial version 4.5 and earlier contains a Incorrect Access Control ...)
- TODO: check
+ - mercurial <unfixed>
+ NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.5.1_.2F_4.5.2_.282018-03-06.29
CVE-2018-1000131 (Pradeep Makone wordpress Support Plus Responsive Ticket System version ...)
TODO: check
CVE-2018-1000130 (A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9451e95f2c9110027b1fced6dae4014172c6e65c...96d98e943a4484358178c8de1322857f6fb0b8f4
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9451e95f2c9110027b1fced6dae4014172c6e65c...96d98e943a4484358178c8de1322857f6fb0b8f4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180314/ac8e96b0/attachment-0001.html>
More information about the Secure-testing-commits
mailing list