[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Nov 8 20:33:03 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
26095d58 by Salvatore Bonaccorso at 2018-11-08T20:32:29Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
 CVE-2018-19114 (An issue was discovered in MinDoc through v1.0.2. It allows attackers ...)
-	TODO: check
+	NOT-FOR-US: MinDoc
 CVE-2018-19113
 	RESERVED
 CVE-2018-19112
 	RESERVED
 CVE-2018-19111 (The Google Cardboard application 1.8 for Android and 1.2 for iOS sends ...)
-	TODO: check
+	NOT-FOR-US: Google Cardboard application for Android and iOS
 CVE-2018-19110 (The skin-management feature in tianti 2.3 allows remote authenticated ...)
-	TODO: check
+	NOT-FOR-US: tianti
 CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass intended ...)
-	TODO: check
+	NOT-FOR-US: tianti
 CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD ...)
 	TODO: check
 CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from ...)
@@ -19,7 +19,7 @@ CVE-2018-19106
 CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of service ...)
 	TODO: check
 CVE-2018-19104 (In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be ...)
-	TODO: check
+	NOT-FOR-US: BageCMS
 CVE-2018-19103
 	RESERVED
 CVE-2018-19102
@@ -9083,19 +9083,19 @@ CVE-2018-15451
 CVE-2018-15450
 	RESERVED
 CVE-2018-15449 (A vulnerability in the web-based management interface of Cisco Video ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15448 (A vulnerability in the user management functions of Cisco Registered ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15447 (A vulnerability in the web framework code of Cisco Integrated ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15446 (A vulnerability in Cisco Meeting Server could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15445 (A vulnerability in the web-based management interface of Cisco Energy ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15444 (A vulnerability in the web-based user interface of Cisco Energy ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15443 (A vulnerability in the detection engine of Cisco Firepower System ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15442 (A vulnerability in the update service of Cisco Webex Meetings Desktop ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15441
@@ -9103,11 +9103,11 @@ CVE-2018-15441
 CVE-2018-15440
 	RESERVED
 CVE-2018-15439 (A vulnerability in the Cisco Small Business Switches software could ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15438 (A vulnerability in the web-based management interface of Cisco Prime ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15437 (A vulnerability in the system scanning component of Cisco Immunet and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15436 (A vulnerability in the web-based management interface of Cisco Webex ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15435 (A vulnerability in the web-based management interface of Cisco ...)
@@ -9193,9 +9193,9 @@ CVE-2018-15396 (A vulnerability in the Bulk Administration Tool (BAT) for Cisco
 CVE-2018-15395 (A vulnerability in the authentication and authorization checking ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15394 (A vulnerability in the Stealthwatch Management Console (SMC) of Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15393 (A vulnerability in the web-based management interface of Cisco Content ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15392 (A vulnerability in the DHCP service of Cisco Industrial Network ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15391 (A vulnerability in certain IPv4 fragment-processing functions of Cisco ...)
@@ -9219,7 +9219,7 @@ CVE-2018-15383 (A vulnerability in the cryptographic hardware accelerator driver
 CVE-2018-15382 (A vulnerability in Cisco HyperFlex Software could allow an ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15381 (A Java deserialization vulnerability in Cisco Unity Express (CUE) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15380
 	RESERVED
 CVE-2018-15379 (A vulnerability in which the HTTP web server for Cisco Prime ...)
@@ -18452,7 +18452,7 @@ CVE-2018-11779
 CVE-2018-11778 (UnixAuthenticationService in Apache Ranger 1.2.0 was updated to ...)
 	NOT-FOR-US: Apache Ranger
 CVE-2018-11777 (In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on ...)
-	TODO: check
+	NOT-FOR-US: Apache Hive
 CVE-2018-11776 (Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from ...)
 	- libstruts1.2-java <not-affected> (Specific to 2.x)
 	NOTE: https://cwiki.apache.org/confluence/display/WW/S2-057
@@ -48244,7 +48244,7 @@ CVE-2018-1316 (The ODE process deployment web service was sensible to deployment
 CVE-2018-1315 (In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement is run ...)
 	NOT-FOR-US: Apache Hive
 CVE-2018-1314 (In Apache Hive 2.3.3, 3.1.0 and earlier, Hive "EXPLAIN" operation does ...)
-	TODO: check
+	NOT-FOR-US: Apache Hive
 CVE-2018-1313 (In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network ...)
 	- derby 10.14.2.0-1
 	[jessie] - derby <no-dsa> (Minor issue)
@@ -52001,7 +52001,7 @@ CVE-2018-0286 (A vulnerability in the netconf interface of Cisco IOS XR Software
 CVE-2018-0285 (A vulnerability in service logging for Cisco Prime Service Catalog ...)
 	NOT-FOR-US: Cisco
 CVE-2018-0284 (A vulnerability in the local status page functionality of the Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-0283 (A vulnerability in the detection engine of Cisco Firepower System ...)
 	NOT-FOR-US: Cisco
 CVE-2018-0282



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/26095d5818b6d54c00e784edf972e271c2b9baf1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/26095d5818b6d54c00e784edf972e271c2b9baf1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181108/2961cd38/attachment.html>

More information about the debian-security-tracker-commits mailing list