[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Sat Oct 6 19:10:13 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f927454d by Moritz Muehlenhoff at 2018-10-06T18:09:45Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5334,7 +5334,7 @@ CVE-2018-15765
 CVE-2018-15764 (Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote ...)
 	NOT-FOR-US: EMC ESRS Policy Manager
 CVE-2018-15763 (Pivotal Container Service, versions prior to 1.2.0, contains an ...)
-	TODO: check
+	NOT-FOR-US: Pivotal Container Service
 CVE-2018-15762
 	RESERVED
 CVE-2018-15761
@@ -11881,7 +11881,7 @@ CVE-2018-13049 (The constructSQL function in inc/search.class.php in GLPI 9.2.x
 CVE-2018-13044
 	RESERVED
 CVE-2018-13042 (The 1Password application 6.8 for Android is affected by a Denial Of ...)
-	TODO: check
+	NOT-FOR-US: 1Password
 CVE-2018-13041 (The mint function of a smart contract implementation for Link Platform ...)
 	NOT-FOR-US: Link Platform
 CVE-2018-13040 (OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can ...)
@@ -13136,7 +13136,7 @@ CVE-2018-12587 (A cross-site scripting (XSS) vulnerability was found in valeurad
 CVE-2018-12586
 	RESERVED
 CVE-2018-12585 (An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can ...)
-	TODO: check
+	NOT-FOR-US: OPC UA Java and .NET Legacy Stack
 CVE-2018-12584 (The ConnectionBase::preparseNewBytes function in ...)
 	{DLA-1439-1}
 	- resiprocate <unfixed> (bug #905495)
@@ -14390,7 +14390,7 @@ CVE-2018-12171 (Privilege escalation in Intel Baseboard Management Controller (B
 CVE-2018-12170
 	RESERVED
 CVE-2018-12169 (Platform sample code firmware in 4th Generation Intel Core Processor, ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2018-12168 (Privilege escalation in file permissions in Intel Computing ...)
 	NOT-FOR-US: Intel
 CVE-2018-12167
@@ -14580,9 +14580,9 @@ CVE-2018-12088 (S3QL before 2.27 mishandles checksumming, and consequently allow
 	NOTE: https://groups.google.com/forum/#!topic/s3ql/4TzCVIMkA4o
 	NOTE: https://bitbucket.org/nikratio/s3ql/commits/85aba5c2d5c81453a73a50ed638adaeef0521020
 CVE-2018-12087 (Failure to validate certificates in OPC Foundation UA Client ...)
-	TODO: check
+	NOT-FOR-US: OPC UA
 CVE-2018-12086 (Buffer overflow in OPC UA applications allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: OPC UA
 CVE-2018-12085 (Liblouis 3.6.0 has a stack-based Buffer Overflow in the function ...)
 	- liblouis 3.5.0-4 (bug #901202)
 	[stretch] - liblouis 3.0.0-3+deb9u4
@@ -14843,7 +14843,7 @@ CVE-2018-11984
 CVE-2018-11983
 	RESERVED
 CVE-2018-11982 (In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2018-11981
 	RESERVED
 CVE-2018-11980
@@ -15002,11 +15002,11 @@ CVE-2018-11906
 CVE-2018-11905
 	RESERVED
 CVE-2018-11904 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11903 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11902 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11901
 	RESERVED
 CVE-2018-11900
@@ -15016,35 +15016,35 @@ CVE-2018-11899
 CVE-2018-11898 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11897 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11896
 	RESERVED
 CVE-2018-11895 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11894 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11893 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11892
 	RESERVED
 CVE-2018-11891 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11890
 	RESERVED
 CVE-2018-11889 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11888
 	RESERVED
 CVE-2018-11887
 	RESERVED
 CVE-2018-11886 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11885
 	RESERVED
 CVE-2018-11884
 	RESERVED
 CVE-2018-11883 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11882
 	RESERVED
 CVE-2018-11881
@@ -15181,7 +15181,7 @@ CVE-2018-11820
 CVE-2018-11819
 	RESERVED
 CVE-2018-11818 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11817
 	RESERVED
 CVE-2018-11816
@@ -15420,11 +15420,11 @@ CVE-2018-11754
 CVE-2018-11753
 	RESERVED
 CVE-2018-11752 (Previous releases of the Puppet cisco_ios module output SSH session ...)
-	TODO: check
+	NOT-FOR-US: cisco_ios Puppet module
 CVE-2018-11751
 	RESERVED
 CVE-2018-11750 (Previous releases of the Puppet cisco_ios module did not validate a ...)
-	TODO: check
+	NOT-FOR-US: cisco_ios Puppet module
 CVE-2018-11749 (When users are configured to use startTLS with RBAC LDAP, at login ...)
 	- puppet <not-affected> (RBAC is specific to Puppet Enterprise)
 CVE-2018-11748 (Previous releases of the Puppet device_manager module creates ...)
@@ -16588,7 +16588,7 @@ CVE-2018-11354 (In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This
 CVE-2018-11353
 	RESERVED
 CVE-2018-11352 (The Wallabag application 2.2.3 to 2.3.2 is affected by one cross-site ...)
-	TODO: check
+	NOT-FOR-US: Wallabag
 CVE-2018-11351 (script.php in Jirafeau before 3.4.1 is affected by two stored ...)
 	NOT-FOR-US: Jirafeau
 CVE-2018-11350 (An issue was discovered in Jirafeau before 3.4.1. The file "search by ...)
@@ -16697,7 +16697,7 @@ CVE-2018-11304 (Possible buffer overflow in msm_adsp_stream_callback_put due to
 CVE-2018-11303
 	RESERVED
 CVE-2018-11302 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11301 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11300 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
@@ -17275,21 +17275,21 @@ CVE-2018-11090 (An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This ..
 CVE-2018-11089
 	RESERVED
 CVE-2018-11088 (Pivotal Applications Manager in Pivotal Application Service, versions ...)
-	TODO: check
+	NOT-FOR-US: Pivotal
 CVE-2018-11087 (Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions ...)
 	NOT-FOR-US: Spring AMQP
 CVE-2018-11086 (Pivotal Usage Service in Pivotal Application Service, versions 2.0 ...)
-	TODO: check
+	NOT-FOR-US: Pivotal
 CVE-2018-11085
 	REJECTED
 CVE-2018-11084 (Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2018-11083 (Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2018-11082 (Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2018-11081 (Pivotal Operations Manager, versions 2.2.x prior to 2.2.1, 2.1.x prior ...)
-	TODO: check
+	NOT-FOR-US: Pivotal
 CVE-2018-11080
 	RESERVED
 CVE-2018-11079
@@ -17323,7 +17323,7 @@ CVE-2018-11066
 CVE-2018-11065 (The WorkPoint component, which is embedded in all RSA Archer, versions ...)
 	NOT-FOR-US: RSA
 CVE-2018-11064 (Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2018-11063 (Dell WMS versions 1.1 and prior are impacted by multiple unquoted ...)
 	NOT-FOR-US: Dell WMS
 CVE-2018-11062



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f927454d9258a29448e82be26fcd49c25e88b3b5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f927454d9258a29448e82be26fcd49c25e88b3b5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181006/606ad683/attachment.html>

More information about the debian-security-tracker-commits mailing list