[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso carnil at debian.org
Fri May 18 09:25:05 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5b2ed97f by Salvatore Bonaccorso at 2018-05-18T10:24:46+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2902,7 +2902,7 @@ CVE-2018-10029 (CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in ...)
 CVE-2018-10028 (joyplus-cms 1.6.0 allows remote attackers to obtain sensitive ...)
 	NOT-FOR-US: joyplus-cms
 CVE-2018-10027 (ESTsoft ALZip before 10.76 allows local users to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: ESTsoft ALZip
 CVE-2018-10026 (The WeChat module in YzmCMS 3.7.1 has reflected XSS via the ...)
 	NOT-FOR-US: WeChat module in YzmCMS
 CVE-2018-10025
@@ -3025,105 +3025,105 @@ CVE-2018-9986 (In Zulip Server versions before 1.7.2, there were XSS issues with
 CVE-2018-9985 (The front page of MetInfo 6.0 allows XSS by sending a feedback message ...)
 	NOT-FOR-US: MetInfo
 CVE-2018-9984 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9983 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9982 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9981 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9980 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9979 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9978 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9977 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9976 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9975 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9974 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9973 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9972 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9971 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9970 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9969 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9968 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9967 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9966 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9965 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9964 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9963 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9962 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9961 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9960 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9959 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9958 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9957 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9956 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9955 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9954 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9953 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9952 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9951 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9950 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9949 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9948 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9947 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9946 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9945 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9944 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9943 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9942 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9941 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9940 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9939 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9938 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9937 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9936 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9935 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-9934 (The reset-password feature in MetInfo 6.0 allows remote attackers to ...)
 	NOT-FOR-US: MetInfo
 CVE-2018-9933
@@ -6165,7 +6165,7 @@ CVE-2018-8716 (WSO2 Identity Server before 5.5.0 has XSS via the dashboard, allo
 CVE-2018-8715 (The Embedthis HTTP library, and Appweb versions before 7.0.3, have a ...)
 	NOT-FOR-US: Embedthis HTTP library / Appweb
 CVE-2018-8714 (Honeywell MatrikonOPC OPC Controller before 5.1.0.0 allows local users ...)
-	TODO: check
+	NOT-FOR-US: Honeywell MatrikonOPC OPC Controller
 CVE-2018-8713
 	RESERVED
 CVE-2018-8712 (An issue was discovered in Webmin 1.840 and 1.880 when the default Yes ...)
@@ -27265,21 +27265,21 @@ CVE-2017-17432 (OpenAFS 1.x before 1.6.22 does not properly validate Rx ack pack
 	- openafs 1.6.22-1 (bug #883602)
 	NOTE: https://www.openafs.org/pages/security/OPENAFS-SA-2017-001.txt
 CVE-2018-1180 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-1179 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-1178 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-1177 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-1176 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-1175 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-1174 (This vulnerability allows remote attackers to disclose sensitive ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-1173 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-1172 (This vulnerability allows remote attackers to deny service on ...)
 	[experimental] - squid 4.0.21-1~exp5 (unimportant)
 	- squid <removed> (unimportant)
@@ -35357,7 +35357,7 @@ CVE-2017-15535 (MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a ...)
 CVE-2017-15534 (The Norton App Lock prior to version 1.3.0.13 can be susceptible to an ...)
 	NOT-FOR-US: Noron App Lock
 CVE-2017-15533 (Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2017-15532 (Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a ...)
 	NOT-FOR-US: Symantec
 CVE-2017-15531 (Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5b2ed97fda4efd9eda50274bf71e0704ee4d9a05

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5b2ed97fda4efd9eda50274bf71e0704ee4d9a05
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180518/afdaa42d/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list