[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a6f0ce67 by Salvatore Bonaccorso at 2018-09-09T06:35:34Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,11 +5,11 @@ CVE-2018-16734
 CVE-2018-16733 (In Go Ethereum (aka geth) before 1.8.14, TraceChain in ...)
 	TODO: check
 CVE-2018-16732 (\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via ...)
-	TODO: check
+	NOT-FOR-US: CScms
 CVE-2018-16731 (CScms 4.1 allows arbitrary file upload by (for example) adding the php ...)
-	TODO: check
+	NOT-FOR-US: CScms
 CVE-2018-16730 (\upload\plugins\sys\Install.php in CScms 4.1 has XSS via the site name. ...)
-	TODO: check
+	NOT-FOR-US: CScms
 CVE-2018-16729
 	RESERVED
 CVE-2018-16728
@@ -19,9 +19,9 @@ CVE-2018-16727
 CVE-2018-16726
 	RESERVED
 CVE-2018-16725 (An issue is discovered in baijiacms V4. XSS exists via the ...)
-	TODO: check
+	NOT-FOR-US: baijiacms
 CVE-2018-16724 (An issue is discovered in baijiacms V4. Blind SQL Injection exists via ...)
-	TODO: check
+	NOT-FOR-US: baijiacms
 CVE-2018-16723
 	RESERVED
 CVE-2018-16722
@@ -39,7 +39,7 @@ CVE-2018-16717
 CVE-2018-16716
 	RESERVED
 CVE-2018-16715 (An issue was discovered in Absolute Software CTES Windows Agent through ...)
-	TODO: check
+	NOT-FOR-US: Absolute Software CTES Windows Agent
 CVE-2018-16714
 	RESERVED
 CVE-2018-16713
@@ -2953,7 +2953,7 @@ CVE-2018-15554
 CVE-2018-15553 (fileshare.cmd on Telus Actiontec T2200H T2200H-31.128L.03 devices ...)
 	NOT-FOR-US: Telus
 CVE-2018-15552 (The "PayWinner" function of a simplelottery smart contract ...)
-	TODO: check
+	NOT-FOR-US: simplelottery smart contract implementation for The Ethereum Lottery
 CVE-2018-15551
 	RESERVED
 CVE-2018-15550
@@ -39019,7 +39019,7 @@ CVE-2017-17693 (Techno - Portfolio Management Panel through 2017-11-16 does not
 CVE-2017-17692 (Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass ...)
 	NOT-FOR-US: Samsung Internet Browser
 CVE-2017-17691 (Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses ...)
-	TODO: check
+	NOT-FOR-US: Homeputer CL Studio fur HomeMatic
 CVE-2017-17690
 	RESERVED
 CVE-2017-17689 (The S/MIME specification allows a Cipher Block Chaining (CBC) ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a6f0ce67b687d9223fe26061d9ede25ba1eb7498

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a6f0ce67b687d9223fe26061d9ede25ba1eb7498
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180909/3dabcbc0/attachment.html>