[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Nov 27 08:53:13 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
05351de9 by Salvatore Bonaccorso at 2018-11-27T08:44:15Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2021,7 +2021,7 @@ CVE-2018-19597
 CVE-2018-19596
 	RESERVED
 CVE-2018-19595 (PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: PbootCMS
 CVE-2018-19594
 	RESERVED
 CVE-2018-19593
@@ -2742,7 +2742,7 @@ CVE-2018-19539 (An issue was discovered in JasPer 2.0.14. There is an access vio
 CVE-2018-19538
 	RESERVED
 CVE-2018-19537 (TP-Link Archer C5 devices through V2_160201_US allow remote command ...)
-	TODO: check
+	NOT-FOR-US: TP-Link Archer C5 devices
 CVE-2018-19536
 	RESERVED
 CVE-2018-19535 (In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in ...)
@@ -2760,7 +2760,7 @@ CVE-2018-19530 (HTTL (aka Hyper-Text Template Language) through 1.0.11 allows re
 CVE-2018-19529
 	RESERVED
 CVE-2018-19528 (TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2018-19527
 	RESERVED
 CVE-2018-19526
@@ -2776,7 +2776,7 @@ CVE-2018-19522
 CVE-2018-19521
 	RESERVED
 CVE-2018-19520 (An issue was discovered in SDCMS 1.6 with PHP 5.x. ...)
-	TODO: check
+	NOT-FOR-US: SDCMS
 CVE-2018-19519 (In tcpdump 4.9.2, a stack-based buffer over-read exists in the ...)
 	TODO: check
 CVE-2018-19516
@@ -18471,19 +18471,19 @@ CVE-2018-13326 (The transfer and transferFrom functions of a smart contract ...)
 CVE-2018-13325 (The _sell function of a smart contract implementation for GROWCHAIN ...)
 	NOT-FOR-US: smart contract
 CVE-2018-13324 (Incorrect access control in nasapi in Buffalo TS5600D1206 version ...)
-	TODO: check
+	NOT-FOR-US: Buffalo
 CVE-2018-13323 (Cross-site scripting in detail.html in Buffalo TS5600D1206 version ...)
-	TODO: check
+	NOT-FOR-US: Buffalo
 CVE-2018-13322 (Directory traversal in list_folders method in Buffalo TS5600D1206 ...)
-	TODO: check
+	NOT-FOR-US: Buffalo
 CVE-2018-13321 (Incorrect access controls in nasapi in Buffalo TS5600D1206 version ...)
-	TODO: check
+	NOT-FOR-US: Buffalo
 CVE-2018-13320 (System Command Injection in network.set_auth_settings in Buffalo ...)
-	TODO: check
+	NOT-FOR-US: Buffalo
 CVE-2018-13319 (Incorrect access control in get_portal_info in Buffalo TS5600D1206 ...)
-	TODO: check
+	NOT-FOR-US: Buffalo
 CVE-2018-13318 (System command injection in User.create method in Buffalo TS5600D1206 ...)
-	TODO: check
+	NOT-FOR-US: Buffalo
 CVE-2018-13317 (Password disclosure in password.htm in TOTOLINK A3002RU version 1.0.8 ...)
 	TODO: check
 CVE-2018-13316
@@ -24580,9 +24580,9 @@ CVE-2018-11079 (Dell EMC Secure Remote Services, versions prior to 3.32.00.08, .
 CVE-2018-11078 (Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an ...)
 	NOT-FOR-US: EMC VPlex GeoSynchrony
 CVE-2018-11077 ('getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2018-11076 (Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0 and ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2018-11075 (RSA Authentication Manager versions prior to 8.3 P3 contain a ...)
 	NOT-FOR-US: RSA Authentication Manager
 CVE-2018-11074 (RSA Authentication Manager versions prior to 8.3 P3 are affected by a ...)
@@ -24600,9 +24600,9 @@ CVE-2018-11069 (RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing
 CVE-2018-11068 (RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection ...)
 	NOT-FOR-US: RSA BSAFE SSL-J
 CVE-2018-11067 (Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2018-11066 (Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2018-11065 (The WorkPoint component, which is embedded in all RSA Archer, versions ...)
 	NOT-FOR-US: RSA
 CVE-2018-11064 (Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/05351de9ec7f83ef245ccb0989f42d3a14645d1c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/05351de9ec7f83ef245ccb0989f42d3a14645d1c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181127/586c76a9/attachment.html>

More information about the debian-security-tracker-commits mailing list