[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Mon May 21 21:23:57 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
45e0e911 by Salvatore Bonaccorso at 2018-05-21T22:23:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17,7 +17,7 @@ CVE-2018-11322
 CVE-2018-11321
 	RESERVED
 CVE-2018-11320 (In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are ...)
-	TODO: check
+	NOT-FOR-US: Octopus Deploy
 CVE-2018-1000181
 	RESERVED
 CVE-2018-1000180
@@ -37,7 +37,7 @@ CVE-2018-11313
 CVE-2018-11312
 	RESERVED
 CVE-2018-11311 (A hardcoded FTP username of myscada and password of Vikuk63 in ...)
-	TODO: check
+	NOT-FOR-US: mySCADA
 CVE-2018-11310
 	RESERVED
 CVE-2018-11309
@@ -564,7 +564,7 @@ CVE-2018-11098 (An issue was discovered in Frog CMS 0.9.5. There is a file uploa
 CVE-2018-11097 (An issue was discovered in cloudwu/cstring through 2016-11-09. There is ...)
 	NOT-FOR-US: cloudwu
 CVE-2018-11096 (Horse Market Sell & Rent Portal Script 1.5.7 has a CSRF vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Horse Market Sell & Rent Portal Script
 CVE-2018-11095 (The decompileJUMP function in decompile.c in libming through 0.4.8 ...)
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/141
@@ -573,7 +573,7 @@ CVE-2018-11094 (An issue was discovered on Intelbras NCLOUD 300 1.0 devices. ...
 CVE-2018-11093
 	RESERVED
 CVE-2018-11092 (An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF ...)
-	TODO: check
+	NOT-FOR-US: Admin Notes plugin for MyBB
 CVE-2018-11091 (An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file ...)
 	NOT-FOR-US: MyBiz MyProcureNet
 CVE-2018-11090 (An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This ...)
@@ -7586,7 +7586,7 @@ CVE-2018-8144
 CVE-2018-8143
 	RESERVED
 CVE-2018-8142 (A security feature bypass exists when Windows incorrectly validates ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8141 (An information disclosure vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8140
@@ -10401,7 +10401,7 @@ CVE-2018-7270
 CVE-2018-7269 (The findByCondition function in framework/db/ActiveRecord.php in Yii ...)
 	- yii <itp> (bug #597899)
 CVE-2018-7268 (MagniComp SysInfo before 10-H81, as shipped with BMC BladeLogic ...)
-	TODO: check
+	NOT-FOR-US: MagniComp
 CVE-2018-7267
 	RESERVED
 CVE-2018-7266



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/45e0e9118788e0185a490d03c5cc161a6bc743a3

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/45e0e9118788e0185a490d03c5cc161a6bc743a3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180521/4b5e7d45/attachment.html>


More information about the debian-security-tracker-commits mailing list