[Git][security-tracker-team/security-tracker][master] Process a couple of NFUs

Salvatore Bonaccorso carnil at debian.org
Fri May 18 08:34:09 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
92eb7d69 by Salvatore Bonaccorso at 2018-05-18T09:33:43+02:00
Process a couple of NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -226,7 +226,7 @@ CVE-2018-11129 (The header::add_INFO_descriptor function in header.cpp in VCFtoo
 	NOTE: http://seclists.org/fulldisclosure/2018/May/43
 	NOTE: https://github.com/vcftools/vcftools/issues/109
 CVE-2018-11128 (The ObjReader::ReadObj() function in ObjReader.cpp in vincent0629 ...)
-	TODO: check
+	NOT-FOR-US: vincent0629 PDFParser
 CVE-2018-11127 (e107 2.1.7 has CSRF resulting in arbitrary user deletion. ...)
 	NOT-FOR-US: e107
 CVE-2018-11126 (dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that ...)
@@ -242,13 +242,13 @@ CVE-2018-11122
 CVE-2018-11121
 	RESERVED
 CVE-2018-11120 (Services/COPage/classes/class.ilPCSourceCode.php in ILIAS 5.1.x, 5.2.x, ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2018-11119 (ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 redirects a logged-in user ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2018-11118 (The RSS subsystem in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 has XSS ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2018-11117 (Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2018-11116
 	RESERVED
 CVE-2018-11115
@@ -412,7 +412,7 @@ CVE-2018-11040
 CVE-2018-11039
 	RESERVED
 CVE-2017-18268 (Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2018-11038
 	RESERVED
 CVE-2018-11037 (In Exiv2 0.26, the Exiv2::PngImage::printStructure function in ...)
@@ -1140,13 +1140,13 @@ CVE-2018-10733 (There is a heap-based buffer over-read in the function ...)
 CVE-2018-10732
 	RESERVED
 CVE-2018-10731 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
 CVE-2018-10730 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
 CVE-2018-10729 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
 CVE-2018-10728 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
 CVE-2018-10727
 	RESERVED
 CVE-2018-10726 (** DISPUTED ** A stored XSS vulnerability was found in Datenstrom ...)
@@ -1733,51 +1733,51 @@ CVE-2018-10497
 CVE-2018-10496
 	RESERVED
 CVE-2018-10495 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10494 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10493 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10492 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10491 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10490 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10489 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10488 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10487 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10486 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10485 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10484 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10483 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10482 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10481 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10480 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10479 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10478 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10477 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10476 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10475 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10474 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10473 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-10470
 	RESERVED
 CVE-2018-10469 (b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and ...)
@@ -2122,9 +2122,9 @@ CVE-2018-10329 (app/tools/mac-lookup/index.php in phpIPAM 1.3.1 has Reflected XS
 CVE-2018-10328 (Momentum Axel 720P 5.1.8 devices have a hardcoded password of streaming ...)
 	NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
 CVE-2018-10327 (PrinterOn Enterprise 4.1.3 stores the Active Directory bind ...)
-	TODO: check
+	NOT-FOR-US: PrinterOn Enterprise
 CVE-2018-10326 (PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored ...)
-	TODO: check
+	NOT-FOR-US: PrinterOn Enterprise
 CVE-2018-10325
 	RESERVED
 CVE-2018-10324



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/92eb7d69e2b2ca7b38d2365fc13adf9f0e2eded4

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/92eb7d69e2b2ca7b38d2365fc13adf9f0e2eded4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180518/d84b9336/attachment.html>

More information about the debian-security-tracker-commits mailing list