[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0b49643f by Salvatore Bonaccorso at 2018-10-05T08:31:54Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33,13 +33,13 @@ CVE-2018-17988
 CVE-2018-17987
 	RESERVED
 CVE-2018-17986 (rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password ...)
-	TODO: check
+	NOT-FOR-US: razorCMS
 CVE-2018-17985 (An issue was discovered in cp-demangle.c in GNU libiberty, as ...)
 	- binutils <unfixed>
 	[stretch] - binutils <ignored> (Minor issue)
 	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335
 CVE-2018-17984 (An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 ...)
-	TODO: check
+	NOT-FOR-US: ISPConfig
 CVE-2018-17982
 	RESERVED
 CVE-2018-17981
@@ -47,13 +47,13 @@ CVE-2018-17981
 CVE-2018-17980
 	RESERVED
 CVE-2015-9272 (The videowhisper-video-presentation plugin 3.31.17 for WordPress allows ...)
-	TODO: check
+	NOT-FOR-US: videowhisper-video-presentation plugin for WordPress
 CVE-2014-10076 (The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character ...)
-	TODO: check
+	NOT-FOR-US: wp-db-backup plugin WordPress
 CVE-2014-10075 (The karo gem 2.3.8 for Ruby allows Remote command injection via the ...)
 	TODO: check
 CVE-2013-7465 (Ice Cold Apps Servers Ultimate 6.0.2(12) does not require ...)
-	TODO: check
+	NOT-FOR-US: Ice Cold Apps Servers Ultimate
 CVE-2018-17983 (cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read ...)
 	- mercurial 4.7.2-1
 	[jessie] - mercurial <not-affected> (Vulnerable code not present)
@@ -244,7 +244,7 @@ CVE-2018-17893
 CVE-2018-17892
 	RESERVED
 CVE-2018-17891 (Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running ...)
-	TODO: check
+	NOT-FOR-US: Carestream Vue RIS, RIS Client Builds
 CVE-2018-17890
 	RESERVED
 CVE-2018-17889
@@ -339,7 +339,7 @@ CVE-2018-17851
 CVE-2018-17850
 	REJECTED
 CVE-2018-17849 (Navigate CMS 2.8 has Stored XSS via a navigate_upload.php (aka File ...)
-	TODO: check
+	NOT-FOR-US: Navigate CMS
 CVE-2018-17848 (The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...)
 	TODO: check
 CVE-2018-17847 (The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b49643f5b23ef5fc0aec0a26226edd54c3dc46a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b49643f5b23ef5fc0aec0a26226edd54c3dc46a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181005/e6b46603/attachment.html>