[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat May 19 22:10:08 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6f2c8fc0 by Salvatore Bonaccorso at 2018-05-19T23:09:05+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5901,7 +5901,7 @@ CVE-2018-8869 (In Lantech IDS 2102 2.0 and prior, nearly all input fields allow 
 CVE-2018-8868
 	RESERVED
 CVE-2018-8867 (In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 ...)
-	TODO: check
+	NOT-FOR-US: GE PACSystems
 CVE-2018-8866 (In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an ...)
 	NOT-FOR-US: Vecna VGo Robot
 CVE-2018-8865 (In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow ...)
@@ -17225,13 +17225,13 @@ CVE-2018-4996
 CVE-2018-4995
 	RESERVED
 CVE-2018-4994 (Adobe Connect versions 9.7.5 and earlier have an exploitable ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4993
 	RESERVED
 CVE-2018-4992 (Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4991 (Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4990
 	RESERVED
 CVE-2018-4989
@@ -17329,17 +17329,17 @@ CVE-2018-4945
 CVE-2018-4944 (Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable ...)
 	NOT-FOR-US: Adobe
 CVE-2018-4943 (Adobe PhoneGap Push Plugin versions 1.8.0 and earlier have an ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4942 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4941 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4940 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4939 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4938 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4937 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
 	NOT-FOR-US: Adobe
 CVE-2018-4936 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
@@ -17353,35 +17353,35 @@ CVE-2018-4933 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploi
 CVE-2018-4932 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
 	NOT-FOR-US: Adobe
 CVE-2018-4931 (Adobe Experience Manager versions 6.1 and earlier have an exploitable ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4930 (Adobe Experience Manager versions 6.3 and earlier have an exploitable ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4929 (Adobe Experience Manager versions 6.2 and earlier have an exploitable ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4928 (Adobe InDesign versions 13.0 and below have an exploitable Memory ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4927 (Adobe InDesign versions 13.0 and below have an exploitable Untrusted ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4926 (Adobe Digital Editions versions 4.5.7 and below have an exploitable ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4925 (Adobe Digital Editions versions 4.5.7 and below have an exploitable ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4924 (Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4923 (Adobe Connect versions 9.7 and earlier have an exploitable OS Command ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4922
 	RESERVED
 CVE-2018-4921 (Adobe Connect versions 9.7 and earlier have an exploitable unrestricted ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4920 (Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable ...)
 	NOT-FOR-US: Adobe
 CVE-2018-4919 (Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable ...)
 	NOT-FOR-US: Adobe
 CVE-2018-4918 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4917 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4916 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
 	NOT-FOR-US: Adobe
 CVE-2018-4915 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
@@ -17469,7 +17469,7 @@ CVE-2018-4875 (Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a
 CVE-2018-4874
 	RESERVED
 CVE-2018-4873 (Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-4872 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
 	NOT-FOR-US: Adobe
 CVE-2018-4871 (An Out-of-bounds Read issue was discovered in Adobe Flash Player before ...)
@@ -48628,11 +48628,11 @@ CVE-2017-11310 (The read_user_chunk_callback function in coders\png.c in ImageMa
 CVE-2017-11309 (Buffer overflow in the SoftConsole client in Avaya IP Office before ...)
 	NOT-FOR-US: Avaya IP Office
 CVE-2017-11308 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2017-11307 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2017-11306 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2017-11305 (A regression affecting Adobe Flash Player version 27.0.0.187 (and ...)
 	NOT-FOR-US: Adobe
 CVE-2017-11304 (An issue was discovered in Adobe Photoshop 18.1.1 (2017.1.1) and ...)
@@ -48738,13 +48738,13 @@ CVE-2017-11255 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 
 CVE-2017-11254 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
 	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2017-11253 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2017-11252 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
 	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2017-11251 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
 	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2017-11250 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2017-11249 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
 	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2017-11248 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
@@ -48764,7 +48764,7 @@ CVE-2017-11242 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 
 CVE-2017-11241 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
 	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2017-11240 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2017-11239 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
 	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2017-11238 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
@@ -53415,11 +53415,11 @@ CVE-2017-9639 (An issue was discovered in Fuji Electric V-Server Version 3.3.22.
 CVE-2017-9638 (Mitsubishi E-Designer, Version 7.52 Build 344 contains six code ...)
 	NOT-FOR-US: Mitsubishi E-Designer
 CVE-2017-9637 (Schneider Electric Ampla MES 6.4 provides capability to interact with ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2017-9636 (Mitsubishi E-Designer, Version 7.52 Build 344 contains five code ...)
 	NOT-FOR-US: Mitsubishi E-Designer
 CVE-2017-9635 (Schneider Electric Ampla MES 6.4 provides capability to configure ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2017-9634 (Mitsubishi E-Designer, Version 7.52 Build 344 contains two code ...)
 	NOT-FOR-US: Mitsubishi E-Designer
 CVE-2017-9633 (An Improper Restriction of Operations within the Bounds of a Memory ...)
@@ -83197,7 +83197,7 @@ CVE-2016-9094 (Symantec Endpoint Protection clients place detected malware in ..
 CVE-2016-9093 (A version of the SymEvent Driver that shipped with Symantec Endpoint ...)
 	NOT-FOR-US: Symantec
 CVE-2016-9092 (The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2016-9091 (Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content ...)
 	NOT-FOR-US: Blue Coat Advanced Secure Gateway
 CVE-2016-9090



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6f2c8fc00480700bb1394f35aeac0f7075e9ae1e

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6f2c8fc00480700bb1394f35aeac0f7075e9ae1e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180519/1e6e5e41/attachment.html>

More information about the debian-security-tracker-commits mailing list