[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue May 8 21:14:54 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2c33351b by Salvatore Bonaccorso at 2018-05-08T22:14:27+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7,13 +7,13 @@ CVE-2018-10811
 CVE-2018-10810
 	RESERVED
 CVE-2018-10809 (In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) ...)
-	TODO: check
+	NOT-FOR-US: 2345 Security Guard
 CVE-2018-10808
 	RESERVED
 CVE-2018-10807
 	RESERVED
 CVE-2018-10806 (An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross ...)
-	TODO: check
+	NOT-FOR-US: Frog CMS
 CVE-2018-10805 (ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage ...)
 	TODO: check
 CVE-2018-10804 (ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage ...)
@@ -49,7 +49,7 @@ CVE-2018-10798 (A hang issue was discovered in Brave before 0.14.0 (on, for exam
 CVE-2018-10797
 	RESERVED
 CVE-2018-10796 (In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) ...)
-	TODO: check
+	NOT-FOR-US: 2345 Security Guard
 CVE-2018-10795 (Liferay 6.2.x and before has an FCKeditor configuration that allows an ...)
 	TODO: check
 CVE-2018-XXXX [prosody crashed on error handling for stream errors]
@@ -204,7 +204,7 @@ CVE-2018-10736
 CVE-2018-10735
 	RESERVED
 CVE-2018-10734 (KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a ...)
-	TODO: check
+	NOT-FOR-US: KONGTOP DVR devices
 CVE-2018-10733 (There is a heap-based buffer over-read in the function ...)
 	- libgxps <unfixed> (low; bug #897954)
 	[wheezy] - libgxps <ignored> (Minor issue)
@@ -24722,7 +24722,7 @@ CVE-2018-1415 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scrip
 CVE-2018-1414 (IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to SQL ...)
 	NOT-FOR-US: IBM Maximo Asset Management
 CVE-2018-1413 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM Cognos Analytics
 CVE-2018-1412
 	RESERVED
 CVE-2018-1411 (IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) ...)
@@ -25193,9 +25193,9 @@ CVE-2017-17542
 CVE-2017-17541
 	RESERVED
 CVE-2017-17540 (The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows ...)
-	TODO: check
+	NOT-FOR-US: Fortinet FortiWLC
 CVE-2017-17539 (The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and ...)
-	TODO: check
+	NOT-FOR-US: Fortinet FortiWLC
 CVE-2017-17538 (MikroTik v6.40.5 devices allow remote attackers to cause a denial of ...)
 	NOT-FOR-US: MikroTik
 CVE-2017-17537 (MikroTik RouterBOARD v6.39.2 and v6.40.5 allows an unauthenticated ...)
@@ -25854,7 +25854,7 @@ CVE-2018-1241
 CVE-2018-1240 (Dell EMC ViPR Controller, versions after 3.0.0.38, contain an ...)
 	NOT-FOR-US: EMC ViPR Controller
 CVE-2018-1239 (Dell EMC Unity Operating Environment (OE) versions prior to ...)
-	TODO: check
+	NOT-FOR-US: EMC Unity Operating Environment
 CVE-2018-1238 (Dell EMC ScaleIO versions prior to 2.5, contain a command injection ...)
 	NOT-FOR-US: EMC ScaleIO
 CVE-2018-1237 (Dell EMC ScaleIO versions prior to 2.5, contain improper restriction ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2c33351be1dae98c9fcfa122deb7da7dbf6a36a1

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2c33351be1dae98c9fcfa122deb7da7dbf6a36a1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180508/a882cde0/attachment.html>

More information about the debian-security-tracker-commits mailing list