[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Fri Nov 16 15:16:05 GMT 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7a5374f6 by Moritz Muehlenhoff at 2018-11-16T15:15:38Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25129,24 +25129,34 @@ CVE-2018-9579
RESERVED
CVE-2018-9578
RESERVED
+ NOT-FOR-US: Android libxaac
CVE-2018-9577
RESERVED
+ NOT-FOR-US: Android libxaac
CVE-2018-9576
RESERVED
+ NOT-FOR-US: Android libxaac
CVE-2018-9575
RESERVED
+ NOT-FOR-US: Android libxaac
CVE-2018-9574
RESERVED
+ NOT-FOR-US: Android libxaac
CVE-2018-9573
RESERVED
+ NOT-FOR-US: Android libxaac
CVE-2018-9572
RESERVED
+ NOT-FOR-US: Android libxaac
CVE-2018-9571
RESERVED
+ NOT-FOR-US: Android libxaac
CVE-2018-9570
RESERVED
+ NOT-FOR-US: Android libxaac
CVE-2018-9569
RESERVED
+ NOT-FOR-US: Android libxaac
CVE-2018-9568
RESERVED
CVE-2018-9567
@@ -25214,31 +25224,31 @@ CVE-2018-9537 (In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible
CVE-2018-9536 (In numerous functions of libFDK, there are possible out of bounds ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9535 (In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android libxaac
CVE-2018-9534 (In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a ...)
- TODO: check
+ NOT-FOR-US: Android libxaac
CVE-2018-9533 (In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out ...)
- TODO: check
+ NOT-FOR-US: Android libxaac
CVE-2018-9532 (In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a ...)
- TODO: check
+ NOT-FOR-US: Android libxaac
CVE-2018-9531 (In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9530 (In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a ...)
- TODO: check
+ NOT-FOR-US: Android libxaac
CVE-2018-9529 (In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is a ...)
- TODO: check
+ NOT-FOR-US: Android libxaac
CVE-2018-9528 (In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s there is a ...)
- TODO: check
+ NOT-FOR-US: Android libxaac
CVE-2018-9527 (In vorbis_book_decodev_set of codebook.c there is a possible out of ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9526 (In device configuration data, there is an improperly configured ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9525 (In the AndroidManifest.xml file defining the SliceBroadcastReceiver ...)
NOT-FOR-US: Android
CVE-2018-9524 (In functionality implemented in System UI, there are insufficient ...)
NOT-FOR-US: Android
CVE-2018-9523 (In Parcel.writeMapInternal of Parcel.java, there is a possible parcel ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9522 (In the serialization functions of StatsLogEventWrapper.java, there is ...)
NOT-FOR-US: Android
CVE-2018-9521 (In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out ...)
@@ -25403,7 +25413,7 @@ CVE-2018-9459 (In Attachment of Attachment.java and getFilePath of ...)
CVE-2018-9458 (In computeFocusedWindow of RootWindowContainer.java, and related ...)
NOT-FOR-US: Android
CVE-2018-9457 (In onCheckedChanged of BluetoothPairingController.java, there is a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9456
RESERVED
NOT-FOR-US: Android
@@ -27892,7 +27902,7 @@ CVE-2018-8531 (A remote code execution vulnerability exists in the way that Azur
CVE-2018-8530 (A security feature bypass vulnerability exists when Microsoft Edge ...)
NOT-FOR-US: Microsoft
CVE-2018-8529 (A remote code execution vulnerability exists when Team Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8528
RESERVED
CVE-2018-8527 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
@@ -37216,7 +37226,7 @@ CVE-2018-5497
CVE-2018-5496
RESERVED
CVE-2018-5495 (All StorageGRID Webscale versions are susceptible to a vulnerability ...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2018-5494
RESERVED
CVE-2018-5493
@@ -42040,9 +42050,9 @@ CVE-2018-3700
CVE-2018-3699 (Cross-site scripting in the Intel RAID Web Console v3 for Windows may ...)
NOT-FOR-US: Intel RAID Web Console
CVE-2018-3698 (Improper file permissions in the installer for the Intel Ready Mode ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-3697 (Improper directory permissions in the installer for the Intel Media ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-3696 (Authentication bypass in the Intel RAID Web Console 3 for Windows ...)
NOT-FOR-US: Intel RAID Web Console
CVE-2018-3695
@@ -42206,7 +42216,7 @@ CVE-2018-3637
CVE-2018-3636
RESERVED
CVE-2018-3635 (Insufficient input validation in installer in Intel Rapid Store ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-3634 (Parameter corruption in NDIS filter driver in Intel Online Connect ...)
NOT-FOR-US: Intel
CVE-2018-3633
@@ -42234,7 +42244,7 @@ CVE-2018-3623
CVE-2018-3622
RESERVED
CVE-2018-3621 (Insufficient input validation in the Intel Driver & Support Assistant ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-3620 (Systems with microprocessors utilizing speculative execution and ...)
{DSA-4279-1 DSA-4274-1 DLA-1529-1 DLA-1481-1}
- linux 4.17.15-1
@@ -47665,7 +47675,7 @@ CVE-2018-1645
CVE-2018-1644 (IBM WebSphere Commerce Enterprise, Professional, Express, and ...)
NOT-FOR-US: IBM
CVE-2018-1643 (The Installation Verification Tool of IBM WebSphere Application Server ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1642
RESERVED
CVE-2018-1641
@@ -51741,49 +51751,49 @@ CVE-2018-0703
CVE-2018-0702
RESERVED
CVE-2018-0701 (BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to ...)
- TODO: check
+ NOT-FOR-US: BlueStacks App Player
CVE-2018-0700 (YukiWiki 2.1.3 and earlier does not process a particular request ...)
- TODO: check
+ NOT-FOR-US: YukiWiki
CVE-2018-0699 (Cross-site scripting vulnerability in YukiWiki 2.1.3 and earlier ...)
- TODO: check
+ NOT-FOR-US: YukiWiki
CVE-2018-0698
RESERVED
CVE-2018-0697 (Cross-site scripting vulnerability in Metabase version 0.29.3 and ...)
- TODO: check
+ NOT-FOR-US: Metabase
CVE-2018-0696
RESERVED
CVE-2018-0695 (Cross-site scripting vulnerability in User-friendly SVN (USVN) Version ...)
- TODO: check
+ NOT-FOR-US: User-friendly SVN
CVE-2018-0694 (FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary ...)
- TODO: check
+ NOT-FOR-US: FileZen
CVE-2018-0693 (Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows ...)
- TODO: check
+ NOT-FOR-US: FileZen
CVE-2018-0692 (Untrusted search path vulnerability in Baidu Browser Version ...)
- TODO: check
+ NOT-FOR-US: Baidu
CVE-2018-0691 (Multiple +Message Apps (Softbank +Message App for Android prior to ...)
- TODO: check
+ NOT-FOR-US: Softbank +Message App for Android
CVE-2018-0690 (An unvalidated software update vulnerability in Music Center for PC ...)
- TODO: check
+ NOT-FOR-US: Music Center for PC
CVE-2018-0689
RESERVED
CVE-2018-0688
RESERVED
CVE-2018-0687 (Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun ...)
- TODO: check
+ NOT-FOR-US: NEOJAPAN
CVE-2018-0686 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...)
- TODO: check
+ NOT-FOR-US: NEOJAPAN
CVE-2018-0685 (SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and ...)
- TODO: check
+ NOT-FOR-US: NEOJAPAN
CVE-2018-0684 (Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P ...)
- TODO: check
+ NOT-FOR-US: NEOJAPAN
CVE-2018-0683 (Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P ...)
- TODO: check
+ NOT-FOR-US: NEOJAPAN
CVE-2018-0682 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...)
- TODO: check
+ NOT-FOR-US: NEOJAPAN
CVE-2018-0681 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...)
- TODO: check
+ NOT-FOR-US: NEOJAPAN
CVE-2018-0680 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...)
- TODO: check
+ NOT-FOR-US: NEOJAPAN
CVE-2018-0679 (Cross-site scripting vulnerability in multiple FXC Inc. network ...)
TODO: check
CVE-2018-0678
@@ -51797,7 +51807,7 @@ CVE-2018-0675 (AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script ..
CVE-2018-0674 (AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script ...)
NOT-FOR-US: AttacheCase
CVE-2018-0673 (Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 ...)
- TODO: check
+ NOT-FOR-US: Cybozu Garoon
CVE-2018-0672 (Cross-site scripting vulnerability in Movable Type versions prior to ...)
- movabletype-opensource <removed>
CVE-2018-0671
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a5374f6c40bb2849c1e59fd5c322e27140244b2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a5374f6c40bb2849c1e59fd5c322e27140244b2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181116/3c997da2/attachment.html>
More information about the debian-security-tracker-commits
mailing list