[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
620dab8e by Salvatore Bonaccorso at 2018-11-06T21:26:20Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2828,7 +2828,7 @@ CVE-2018-17915 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P
 CVE-2018-17914 (InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI ...)
 	NOT-FOR-US: InduSoft Web Studio
 CVE-2018-17913 (A type confusion vulnerability exists when processing project files in ...)
-	TODO: check
+	NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-17912 (An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when ...)
 	NOT-FOR-US: CASE Suite
 CVE-2018-17911 (LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based ...)
@@ -2836,15 +2836,15 @@ CVE-2018-17911 (LAquis SCADA Versions 4.1.0.3870 and prior has several stack-bas
 CVE-2018-17910 (WebAccess Versions 8.3.2 and prior. The application fails to properly ...)
 	NOT-FOR-US: Advantech WebAccess
 CVE-2018-17909 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
-	TODO: check
+	NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-17908 (WebAccess Versions 8.3.2 and prior. During installation, the ...)
 	NOT-FOR-US: Advantech WebAccess
 CVE-2018-17907 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
-	TODO: check
+	NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-17906
 	RESERVED
 CVE-2018-17905 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
-	TODO: check
+	NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-17904 (Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This ...)
 	NOT-FOR-US: Reliance 4 SCADA/HMI
 CVE-2018-17903 (SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to ...)
@@ -4991,7 +4991,7 @@ CVE-2018-16988
 CVE-2018-16987 (Squash TM through 1.18.0 presents the cleartext passwords of external ...)
 	NOT-FOR-US: Squash TM
 CVE-2018-16986 (Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 ...)
-	TODO: check
+	NOT-FOR-US: Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices
 CVE-2018-16985 (In Lizard (formerly LZ5) 2.0, use of an invalid memory address was ...)
 	NOT-FOR-US: Lizard
 CVE-2018-16984 (An issue was discovered in Django 2.1 before 2.1.2, in which ...)
@@ -13951,9 +13951,9 @@ CVE-2018-13399 (The Microsoft Windows Installer for Atlassian Fisheye and Crucib
 CVE-2018-13398 (The administrative smart-commits resource in Atlassian Fisheye and ...)
 	NOT-FOR-US: Atlassian Fisheye and Crucible
 CVE-2018-13397 (There was an argument injection vulnerability in Sourcetree for ...)
-	TODO: check
+	NOT-FOR-US: Sourcetree for Windows
 CVE-2018-13396 (There was an argument injection vulnerability in Sourcetree for macOS ...)
-	TODO: check
+	NOT-FOR-US: Sourcetree for macOS
 CVE-2018-13395 (Various resources in Atlassian Jira before version 7.6.8, from version ...)
 	NOT-FOR-US: Atlassian Jira
 CVE-2018-13394 (The acceptAnswer resource in Atlassian Confluence Questions before ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/620dab8e73db591d17d36829b231ddedc1e6cc2e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/620dab8e73db591d17d36829b231ddedc1e6cc2e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181106/348794a7/attachment.html>