[Git][security-tracker-team/security-tracker][master] requests no-dsa
Moritz Muehlenhoff
jmm at debian.org
Wed Oct 10 22:28:33 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
719d3da6 by Moritz Muehlenhoff at 2018-10-10T21:27:43Z
requests no-dsa
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -297,7 +297,8 @@ CVE-2018-18076
CVE-2018-18075 (WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or ...)
NOT-FOR-US: WikidForum
CVE-2018-18074 (The Requests package through 2.19.1 before 2018-09-14 for Python sends ...)
- - requests <unfixed> (bug #910766)
+ - requests <unfixed> (low; bug #910766)
+ [stretch] - requests <no-dsa> (Minor issue)
NOTE: https://github.com/requests/requests/issues/4716
NOTE: https://github.com/requests/requests/pull/4718
NOTE: https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff
@@ -700,15 +701,15 @@ CVE-2018-17921
CVE-2018-17920
RESERVED
CVE-2018-17919 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud ...)
- TODO: check
+ NOT-FOR-US: P2P Cloud Server
CVE-2018-17918
RESERVED
CVE-2018-17917 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud ...)
- TODO: check
+ NOT-FOR-US: P2P Cloud Server
CVE-2018-17916
RESERVED
CVE-2018-17915 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud ...)
- TODO: check
+ NOT-FOR-US: P2P Cloud Server
CVE-2018-17914
RESERVED
CVE-2018-17913
@@ -6429,9 +6430,9 @@ CVE-2018-15545
CVE-2018-15544
RESERVED
CVE-2018-15543 (** DISPUTED ** An issue was discovered in the org.telegram.messenger ...)
- TODO: check
+ NOT-FOR-US: org.telegram.messenger for Android
CVE-2018-15542 (** DISPUTED ** An issue was discovered in the org.telegram.messenger ...)
- TODO: check
+ NOT-FOR-US: org.telegram.messenger for Android
CVE-2018-15541
RESERVED
CVE-2018-15540
@@ -14899,9 +14900,9 @@ CVE-2018-12175 (Default install directory permissions in Intel Distribution for
CVE-2018-12174
RESERVED
CVE-2018-12173 (Insufficient access protection in firmware in Intel Server Board, ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-12172 (Improper password hashing in firmware in Intel Server Board ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-12171 (Privilege escalation in Intel Baseboard Management Controller (BMC) ...)
NOT-FOR-US: Intel Baseboard Management Controller firmware
CVE-2018-12170
@@ -14929,7 +14930,7 @@ CVE-2018-12160 (DLL injection vulnerability in software installer for Intel Data
CVE-2018-12159
RESERVED
CVE-2018-12158 (Insufficient input validation in BIOS update utility in Intel NUC FW ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-12157
RESERVED
CVE-2018-12156
@@ -14949,7 +14950,7 @@ CVE-2018-12150 (Escalation of privilege in Installer for Intel Extreme Tuning Ut
CVE-2018-12149 (Buffer overflow in input handling in Intel Extreme Tuning Utility ...)
NOT-FOR-US: Intel
CVE-2018-12148 (Privilege escalation in file permissions in Intel Driver and Support ...)
- NOT-FOR-US: INtel
+ NOT-FOR-US: Intel
CVE-2018-12147
RESERVED
CVE-2018-12146
@@ -14983,7 +14984,7 @@ CVE-2018-12133
CVE-2018-12132
RESERVED
CVE-2018-12131 (Permissions in the driver pack installers for Intel NVMe before ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-12130
RESERVED
CVE-2018-12129
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/719d3da6f79565ca4d5a33901c6812f98bf5b732
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/719d3da6f79565ca4d5a33901c6812f98bf5b732
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181010/64570fdd/attachment.html>
More information about the debian-security-tracker-commits
mailing list