[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Sep 11 21:32:27 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
314fee8a by Salvatore Bonaccorso at 2018-09-11T20:32:06Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -217,7 +217,7 @@ CVE-2018-16838
 CVE-2018-16837
 	RESERVED
 CVE-2018-16836 (Rubedo through 3.4.0 contains a Directory Traversal vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Rubedo CMS
 CVE-2018-16835
 	RESERVED
 CVE-2018-16834
@@ -225,7 +225,7 @@ CVE-2018-16834
 CVE-2018-16833
 	RESERVED
 CVE-2018-16832 (CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an attacker to ...)
-	TODO: check
+	NOT-FOR-US: xunfeng
 CVE-2018-XXXX [OpenAFS Security Advisory-2018-003]
 	- openafs <unfixed> (bug #908616)
 	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-003.txt
@@ -14736,7 +14736,7 @@ CVE-2018-11080
 CVE-2018-11079
 	RESERVED
 CVE-2018-11078 (Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an ...)
-	TODO: check
+	NOT-FOR-US: EMC VPlex GeoSynchrony
 CVE-2018-11077
 	RESERVED
 CVE-2018-11076
@@ -14752,11 +14752,11 @@ CVE-2018-11072
 CVE-2018-11071
 	RESERVED
 CVE-2018-11070 (RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J ...)
-	TODO: check
+	NOT-FOR-US: RSA BSAFE Crypto-J
 CVE-2018-11069 (RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing ...)
-	TODO: check
+	NOT-FOR-US: RSA BSAFE SSL-J
 CVE-2018-11068 (RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection ...)
-	TODO: check
+	NOT-FOR-US: RSA BSAFE SSL-J
 CVE-2018-11067
 	RESERVED
 CVE-2018-11066
@@ -25873,9 +25873,9 @@ CVE-2018-6978
 CVE-2018-6977
 	RESERVED
 CVE-2018-6976 (The VMware Content Locker for iOS prior to 4.14 contains a data ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2018-6975 (The AirWatch Agent for iOS prior to 5.8.1 contains a data protection ...)
-	TODO: check
+	NOT-FOR-US: AirWatch Agent for iOS
 CVE-2018-6974
 	RESERVED
 CVE-2018-6973 (VMware Workstation (14.x before 14.1.3) and Fusion (10.x before ...)
@@ -39283,33 +39283,33 @@ CVE-2018-2467
 CVE-2018-2466
 	RESERVED
 CVE-2018-2465 (SAP HANA (versions 1.0 and 2.0) Extended Application Services classic ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2464 (SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2463 (The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2462 (In certain cases, BEx Web Java Runtime Export Web Service in SAP ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2461 (Missing authorization check in SAP HCM Fiori "People Profile" (GBX01 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2460 (SAP Business One Android application, version 1.2, does not verify the ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2459 (Users of an SAP Mobile Platform (version 3.0) Offline OData ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2458 (Under certain conditions, Crystal Report using SAP Business One, ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2457 (Under certain conditions SAP Adaptive Server Enterprise, version 16.0, ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2456
 	RESERVED
 CVE-2018-2455 (SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2454 (SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2453
 	RESERVED
 CVE-2018-2452 (The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2451 (XS Command-Line Interface (CLI) user sessions with the SAP HANA ...)
 	NOT-FOR-US: SAP HANA Extended Application Services
 CVE-2018-2450 (SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who ...)
@@ -41121,7 +41121,7 @@ CVE-2018-1573
 CVE-2018-1572
 	RESERVED
 CVE-2018-1571 (IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1570
 	RESERVED
 CVE-2018-1569
@@ -45138,9 +45138,9 @@ CVE-2018-0650 (The LINE MUSIC for Android version 3.1.0 to versions prior to 3.6
 CVE-2018-0649 (Untrusted search path vulnerability in the installers of multiple ...)
 	TODO: check
 CVE-2018-0648 (Untrusted search path vulnerability in installer of ChatWork Desktop ...)
-	TODO: check
+	NOT-FOR-US: installer of ChatWork Desktop App for Windows
 CVE-2018-0647 (Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware ...)
-	TODO: check
+	NOT-FOR-US: WL-330NUL Firmware
 CVE-2018-0646 (Directory traversal vulnerability in Explzh v.7.58 and earlier allows ...)
 	NOT-FOR-US: Explzh
 CVE-2018-0645 (MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/314fee8a707ccb648180c163094059d6d2aa1155

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/314fee8a707ccb648180c163094059d6d2aa1155
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180911/f3e5d014/attachment.html>

More information about the debian-security-tracker-commits mailing list