[Git][security-tracker-team/security-tracker][master] Process three NFUs for Keycloak

Salvatore Bonaccorso carnil at debian.org
Wed Nov 14 06:20:09 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
abc5766a by Salvatore Bonaccorso at 2018-11-14T06:19:43Z
Process three NFUs for Keycloak

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11500,16 +11500,16 @@ CVE-2018-14659 (The Gluster file system through versions 4.1.4 and 3.1.2 is vuln
 	NOTE: https://review.gluster.org/#/c/glusterfs/+/21530/
 	NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=be1e1785e2e4f3d6345ea5b5b684a1429784a01c
 CVE-2018-14658 (A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect URL for ...)
-	TODO: check
+	NOT-FOR-US: Keycloak
 CVE-2018-14657 (A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT ...)
-	TODO: check
+	NOT-FOR-US: Keycloak
 CVE-2018-14656 (A missing address check in the callers of the show_opcodes() in the ...)
 	- linux 4.18.6-1
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/342db04ae71273322f0011384a9ed414df8bdae4
 CVE-2018-14655 (A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. ...)
-	TODO: check
+	NOT-FOR-US: Keycloak
 CVE-2018-14654 (The Gluster file system through version 4.1.4 is vulnerable to abuse ...)
 	- glusterfs <unfixed> (bug #912997)
 	[jessie] - glusterfs <not-affected> (vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/abc5766a63272d702ccdd1299616480e1d67b465

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/abc5766a63272d702ccdd1299616480e1d67b465
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181114/b9b26744/attachment.html>

More information about the debian-security-tracker-commits mailing list