[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d793e701 by Moritz Muehlenhoff at 2018-11-09T20:48:49Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2018-19137 (DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2018-19136 (DomainMOD through 4.11.01 has XSS via the ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2018-19135
 	RESERVED
 CVE-2018-19134
 	RESERVED
 CVE-2018-19133 (In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email ...)
-	TODO: check
+	NOT-FOR-US: Flarum Core
 CVE-2018-19130 (In Libav 12.3, there is an invalid memory access in vc1_decode_frame in ...)
 	- libav <removed>
 CVE-2018-19129 (In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ...)
@@ -15,19 +15,19 @@ CVE-2018-19129 (In Libav 12.3, a NULL pointer dereference (RIP points to zero) i
 CVE-2018-19128 (In Libav 12.3, there is a heap-based buffer over-read in decode_frame ...)
 	- libav <removed>
 CVE-2018-19127 (A code injection vulnerability in /type.php in PHPCMS 2008 allows ...)
-	TODO: check
+	NOT-FOR-US: PHPCMS
 CVE-2018-19126 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2018-19125 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2018-19124 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2018-19123
 	RESERVED
 CVE-2018-19122 (An issue has been found in libIEC61850 v1.3. It is a NULL pointer ...)
-	TODO: check
+	NOT-FOR-US: libIEC61850
 CVE-2018-19121 (An issue has been found in libIEC61850 v1.3. It is a SEGV in ...)
-	TODO: check
+	NOT-FOR-US: libIEC61850
 CVE-2018-XXXX [otrs: Security Advisory 2018-09]
 	- otrs2 6.0.13-1
 	NOTE: https://community.otrs.com/security-advisory-2018-09-security-update-for-otrs-framework/
@@ -29214,7 +29214,7 @@ CVE-2018-7738 (In util-linux before 2.32-rc1, bash-completion/umount allows loca
 	NOTE: src:bash-completion (which in turn starting from 1:2.1-4.3
 	NOTE: does not provide the umount completion in the binary packaage)
 CVE-2018-7718 (An issue was discovered in Telexy QPath 5.4.462. A low privileged ...)
-	TODO: check
+	NOT-FOR-US: Telexy QPath
 CVE-2018-7717 (The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik ...)
 	NOT-FOR-US: Kubik-Rubik Simple Image Gallery Extended (SIGE) extension for Joomla!
 CVE-2018-7716 (PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation ...)
@@ -46519,7 +46519,7 @@ CVE-2018-1874
 CVE-2018-1873
 	RESERVED
 CVE-2018-1872 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1871
 	RESERVED
 CVE-2018-1870



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d793e7018ad1b06ccb5db6b23ab829e3411b1534

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d793e7018ad1b06ccb5db6b23ab829e3411b1534
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181109/30c63ef9/attachment.html>