[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0eb085ee by Salvatore Bonaccorso at 2018-10-10T20:28:04Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,17 +21,17 @@ CVE-2018-18213
 CVE-2018-18212
 	RESERVED
 CVE-2018-18211 (PbootCMS 1.2.1 has SQL injection via the HTTP POST data to the ...)
-	TODO: check
+	NOT-FOR-US: PbootCMS
 CVE-2018-18210 (XSS exists in DiliCMS 2.4.0 via the ...)
-	TODO: check
+	NOT-FOR-US: DiliCMS
 CVE-2018-18209 (XSS exists in DiliCMS 2.4.0 via the ...)
-	TODO: check
+	NOT-FOR-US: DiliCMS
 CVE-2018-18208 (Virtualmin 6.03 allows XSS via the query string, as demonstrated by the ...)
 	TODO: check
 CVE-2018-18207 (Virtualmin 6.03 allows Frame Injection via the settings-editor_read.cgi ...)
 	TODO: check
 CVE-2018-18206 (In the client in Bytom before 1.0.6, checkTopicRegister in ...)
-	TODO: check
+	NOT-FOR-US: Bytom
 CVE-2018-18205
 	RESERVED
 CVE-2018-18204
@@ -270,7 +270,7 @@ CVE-2018-18088 (OpenJPEG 2.3.0 has a NULL pointer dereference for "red&quot
 	- openjpeg2 <unfixed>
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1152
 CVE-2018-18087 (The Bixie Portfolio plugin 1.2.0 for Pagekit has XSS: a logged-in user ...)
-	TODO: check
+	NOT-FOR-US: Bixie Portfolio plugin for Pagekit
 CVE-2018-18086 (EmpireCMS v7.5 has an arbitrary file upload vulnerability in the ...)
 	NOT-FOR-US: EmpireCMS
 CVE-2018-18085
@@ -6898,7 +6898,7 @@ CVE-2018-15313
 CVE-2018-15312
 	RESERVED
 CVE-2018-15311 (When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-15310 (A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2018-XXXX [libykneomgr memory corruption]
@@ -10707,17 +10707,17 @@ CVE-2018-13807 (A vulnerability has been identified in SCALANCE X300 (All versio
 CVE-2018-13806 (A vulnerability has been identified in SIEMENS TD Keypad Designer (All ...)
 	NOT-FOR-US: Siemens
 CVE-2018-13805 (A vulnerability has been identified in SIMATIC ET 200SP Open ...)
-	TODO: check
+	NOT-FOR-US: SIMATIC
 CVE-2018-13804
 	RESERVED
 CVE-2018-13803
 	RESERVED
 CVE-2018-13802 (A vulnerability has been identified in ROX II (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens / ROX II
 CVE-2018-13801 (A vulnerability has been identified in ROX II (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens / ROX II
 CVE-2018-13800 (A vulnerability has been identified in SIMATIC S7-1200 CPU family ...)
-	TODO: check
+	NOT-FOR-US: SIMATIC
 CVE-2018-13799 (A vulnerability has been identified in SIMATIC WinCC OA V3.14 and ...)
 	NOT-FOR-US: SIMATIC
 CVE-2018-13798
@@ -14854,7 +14854,7 @@ CVE-2018-12195
 CVE-2018-12194
 	RESERVED
 CVE-2018-12193 (Insufficient access control in driver stack for Intel QuickAssist ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2018-12192
 	RESERVED
 CVE-2018-12191



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0eb085ee2c6db95e673251007bda71ac2a60104d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0eb085ee2c6db95e673251007bda71ac2a60104d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181010/9c737663/attachment.html>