[Git][security-tracker-team/security-tracker][master] Move move NFUs for Brave Browser to source tracking entry

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
562f5e36 by Salvatore Bonaccorso at 2018-05-07T22:16:30+02:00
Move move NFUs for Brave Browser to source tracking entry

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3718,9 +3718,9 @@ CVE-2018-9236 (iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the 
 CVE-2018-9235 (iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query ...)
 	NOT-FOR-US: iScripts SonicBB
 CVE-2017-18256 (Brave Browser before 0.13.0 allows remote attackers to cause a denial ...)
-	NOT-FOR-US: Brave Browser
+	- brave-browser <itp> (bug #864795)
 CVE-2016-10718 (Brave Browser before 0.13.0 allows a tab to close itself even if the ...)
-	NOT-FOR-US: Brave Browser
+	- brave-browser <itp> (bug #864795)
 CVE-2018-9234 (GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key ...)
 	- gnupg2 <unfixed> (low; bug #894983)
 	[stretch] - gnupg2 <no-dsa> (Minor issue)
@@ -16144,7 +16144,7 @@ CVE-2017-1000467 (LavaLite version 5.2.4 is vulnerable to stored cross-site scri
 CVE-2017-1000462 (BookStack version 0.18.4 is vulnerable to stored cross-site scripting, ...)
 	NOT-FOR-US: BookStack
 CVE-2017-1000461 (Brave Software's Brave Browser, version 0.19.73 (and earlier) is ...)
-	NOT-FOR-US: Brave Software's Brave Browser
+	- brave-browser <itp> (bug #864795)
 CVE-2017-1000460 (In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), ...)
 	- libav <removed>
 	- ffmpeg 7:3.1.1-1
@@ -55420,9 +55420,9 @@ CVE-2017-8461 (Windows RPC with Routing and Remote Access enabled in Windows XP 
 CVE-2017-8460 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-8459 (** DISPUTED ** Brave 0.12.4 has a Status Bar Obfuscation issue in which ...)
-	NOT-FOR-US: Brave
+	- brave-browser <itp> (bug #864795)
 CVE-2017-8458 (Brave 0.12.4 has a URI Obfuscation issue in which a string such as ...)
-	NOT-FOR-US: Brave
+	- brave-browser <itp> (bug #864795)
 CVE-2017-8457
 	RESERVED
 CVE-2017-8456
@@ -80252,7 +80252,7 @@ CVE-2016-9475
 CVE-2016-9474
 	REJECTED
 CVE-2016-9473 (Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and ...)
-	NOT-FOR-US: Brave Browser
+	- brave-browser <itp> (bug #864795)
 CVE-2016-9472 (Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS. The ...)
 	NOT-FOR-US: Revive Adserver
 CVE-2016-9471 (Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/562f5e3682ab9608b528d8fe0e60fff82b40df26

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/562f5e3682ab9608b528d8fe0e60fff82b40df26
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180507/68f79adf/attachment.html>