[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Wed Mar 14 21:37:25 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1f8cec57 by Salvatore Bonaccorso at 2018-03-14T22:36:41+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1222,7 +1222,7 @@ CVE-2018-1000132 (Mercurial version 4.5 and earlier contains a Incorrect Access 
 	NOTE: 4.4: 4843835c835::7cf827e5f8af
 	NOTE: 4.3: db527ae12671::86f9a022ccb8
 CVE-2018-1000131 (Pradeep Makone wordpress Support Plus Responsive Ticket System version ...)
-	TODO: check
+	NOT-FOR-US: Pradeep Makone wordpress Support Plus Responsive Ticket System
 CVE-2018-1000130 (A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 ...)
 	TODO: check
 CVE-2018-1000129 (An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the ...)
@@ -1255,7 +1255,7 @@ CVE-2018-8098 (Integer overflow in the index.c:read_entry() function while ...)
 	NOTE: https://github.com/libgit2/libgit2/commit/3207ddb0103543da8ad2139ec6539f590f9900c1
 	NOTE: https://github.com/libgit2/libgit2/commit/3db1af1f370295ad5355b8f64b865a2a357bcac0
 CVE-2018-8097 (io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote ...)
-	TODO: check
+	NOT-FOR-US: pyeve
 CVE-2018-8096 (Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass ...)
 	TODO: check
 CVE-2018-8095
@@ -1269,7 +1269,7 @@ CVE-2018-1000127 (memcached version prior to 1.4.37 contains an Integer Overflow
 CVE-2018-1000126 (Ajenti version 2 contains an Information Disclosure vulnerability in ...)
 	- ajenti <itp> (bug #792019)
 CVE-2018-1000125 (inversoft prime-jwt version prior to version 1.3.0 or prior to commit ...)
-	TODO: check
+	NOT-FOR-US: inversoft prime-jwt
 CVE-2018-1000124 (I Librarian I-librarian version 4.8 and earlier contains a XML ...)
 	TODO: check
 CVE-2018-1000123 (Ionic Team Cordova plugin iOS Keychain version before commit ...)
@@ -2054,7 +2054,7 @@ CVE-2017-18222 (In the Linux kernel before 4.12, Hisilicon Network Subsystem (HN
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 CVE-2018-7756 (RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices ...)
-	TODO: check
+	NOT-FOR-US: RunExeFile.exe in the installer for DEWESoft X3 SP1 devices
 CVE-2018-7755 (An issue was discovered in the fd_locked_ioctl function in ...)
 	- linux <unfixed>
 	NOTE: https://lkml.org/lkml/2018/3/7/1116
@@ -2808,7 +2808,7 @@ CVE-2018-7543
 CVE-2018-7539
 	RESERVED
 CVE-2018-7538 (A SQL injection vulnerability in the tracker functionality of Enalean ...)
-	TODO: check
+	NOT-FOR-US: Enalean Tuleap
 CVE-2018-7542 (An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH ...)
 	{DSA-4131-1}
 	- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1f8cec5722c041a70db94c7b2df26180f72b3896

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1f8cec5722c041a70db94c7b2df26180f72b3896
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180314/6d4aa08d/attachment.html>
