[Git][security-tracker-team/security-tracker][master] 2 commits: Add reference for CVE-2018-14651

Salvatore Bonaccorso carnil at debian.org
Thu Nov 1 20:43:04 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
afce47ed by Salvatore Bonaccorso at 2018-11-01T20:42:41Z
Add reference for CVE-2018-14651

- - - - -
a16934ea by Salvatore Bonaccorso at 2018-11-01T20:42:42Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -251,11 +251,11 @@ CVE-2018-18779
 CVE-2018-18778 (ACME mini_httpd before 1.30 lets remote users read arbitrary files. ...)
 	- mini-httpd <unfixed>
 CVE-2018-18777 (Directory traversal vulnerability in Microstrategy Web, version 7, in ...)
-	TODO: check
+	NOT-FOR-US: Microstrategy Web
 CVE-2018-18776 (Microstrategy Web, version 7, does not sufficiently encode ...)
-	TODO: check
+	NOT-FOR-US: Microstrategy Web
 CVE-2018-18775 (Microstrategy Web, version 7, does not sufficiently encode ...)
-	TODO: check
+	NOT-FOR-US: Microstrategy Web
 CVE-2018-18774
 	RESERVED
 CVE-2018-18773
@@ -385,7 +385,7 @@ CVE-2018-18716
 CVE-2018-18715
 	RESERVED
 CVE-2018-18714 (RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is susceptible ...)
-	TODO: check
+	NOT-FOR-US: IOBit Malware Fighter
 CVE-2018-18713 (The function down_sql_action() in /admin/model/database.class.php in ...)
 	NOT-FOR-US: PHPYun
 CVE-2018-18712 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF ...)
@@ -438,7 +438,7 @@ CVE-2018-18697
 CVE-2018-18696
 	RESERVED
 CVE-2018-18695 (M2SOFT Report Designer Viewer 5.0 allows a Buffer Overflow with ...)
-	TODO: check
+	NOT-FOR-US: M2SOFT Report Designer Viewer
 CVE-2018-18694 (admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote ...)
 	NOT-FOR-US: Monstra CMS
 CVE-2018-18693
@@ -8513,7 +8513,7 @@ CVE-2018-15456
 CVE-2018-15455
 	RESERVED
 CVE-2018-15454 (A vulnerability in the Session Initiation Protocol (SIP) inspection ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15453
 	RESERVED
 CVE-2018-15452
@@ -10362,6 +10362,7 @@ CVE-2018-14651 (It was found that the fix for CVE-2018-10927, CVE-2018-10928, ..
 	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632557
 	NOTE: https://review.gluster.org/#/c/glusterfs/+/21527/
+	NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=5fdb7ae37f602894f81a2cadc5a4c609a4c85427
 CVE-2018-14650 (It was discovered that sos-collector does not properly set the default ...)
 	NOT-FOR-US: sos-collector (not same as sosreport itself, additional tool to sosreport)
 CVE-2018-14649 (It was found that ceph-isci-cli package as shipped by Red Hat Ceph ...)
@@ -21244,9 +21245,9 @@ CVE-2018-10589 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAcce
 CVE-2018-10588
 	RESERVED
 CVE-2018-10587 (NetGain Enterprise Manager (EM) is affected by OS Command Injection ...)
-	TODO: check
+	NOT-FOR-US: NetGain Enterprise Manager
 CVE-2018-10586 (NetGain Enterprise Manager (EM) is affected by multiple Stored ...)
-	TODO: check
+	NOT-FOR-US: NetGain Enterprise Manager
 CVE-2018-10585
 	RESERVED
 CVE-2018-10584
@@ -29740,7 +29741,7 @@ CVE-2018-7358
 CVE-2018-7357
 	RESERVED
 CVE-2018-7356 (All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are ...)
-	TODO: check
+	NOT-FOR-US: ZTE ZXR10 8905E
 CVE-2018-7355 (All versions up to V1.0.0B05 of ZTE MF65 and all versions up to ...)
 	NOT-FOR-US: ZTE
 CVE-2018-7354



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/12cce1993f931e71fc20c708553883cee7920650...a16934ea83ff06d66c4e3fd410b2d268c6953457

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/12cce1993f931e71fc20c708553883cee7920650...a16934ea83ff06d66c4e3fd410b2d268c6953457
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181101/1eeee7d8/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list