[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Sep 14 08:49:15 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5ae52b51 by Salvatore Bonaccorso at 2018-09-14T07:48:52Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -81,7 +81,7 @@ CVE-2018-16987 (Squash TM through 1.18.0 presents the cleartext passwords of ext
 CVE-2018-16986
 	RESERVED
 CVE-2018-16985 (In Lizard (formerly LZ5) 2.0, use of an invalid memory address was ...)
-	TODO: check
+	NOT-FOR-US: Lizard
 CVE-2018-16984
 	RESERVED
 CVE-2018-16983 (NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other ...)
@@ -497,7 +497,7 @@ CVE-2018-16798
 CVE-2018-16797 (A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer 1.7.8556 ...)
 	NOT-FOR-US: PotPlayer
 CVE-2018-16796 (HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files ...)
-	TODO: check
+	NOT-FOR-US: HiScout GRC Suite
 CVE-2018-16795
 	RESERVED
 CVE-2018-16794
@@ -4102,7 +4102,7 @@ CVE-2018-15312
 CVE-2018-15311
 	RESERVED
 CVE-2018-15310 (A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-XXXX [libykneomgr memory corruption]
 	- libykneomgr <unfixed> (low; bug #906138)
 	[stretch] - libykneomgr <no-dsa> (Minor issue)
@@ -21887,9 +21887,9 @@ CVE-2018-8369
 CVE-2018-8368
 	RESERVED
 CVE-2018-8367 (A remote code execution vulnerability exists in the way that the ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8366 (An information disclosure vulnerability exists when the Microsoft Edge ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8365
 	RESERVED
 CVE-2018-8364
@@ -21913,7 +21913,7 @@ CVE-2018-8356 (A security feature bypass vulnerability exists when Microsoft .NE
 CVE-2018-8355 (A remote code execution vulnerability exists in the way the scripting ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8354 (A remote code execution vulnerability exists in the way that the ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8353 (A remote code execution vulnerability exists in the way that the ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8352
@@ -21947,19 +21947,19 @@ CVE-2018-8339 (An elevation of privilege vulnerability exists in the Windows ...
 CVE-2018-8338
 	RESERVED
 CVE-2018-8337 (A security feature bypass vulnerability exists when Windows Subsystem ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8336 (An information disclosure vulnerability exists when the Windows kernel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8335 (A denial of service vulnerability exists in the Microsoft Server Block ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8334
 	RESERVED
 CVE-2018-8333
 	RESERVED
 CVE-2018-8332 (A remote code execution vulnerability exists when the Windows font ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8331 (A remote code execution vulnerability exists in Microsoft Excel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8330
 	RESERVED
 CVE-2018-8329
@@ -21991,7 +21991,7 @@ CVE-2018-8317
 CVE-2018-8316 (A remote code execution vulnerability exists when Internet Explorer ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8315 (An information disclosure vulnerability exists when the browser ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8314 (An elevation of privilege vulnerability exists when Windows fails a ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8313 (An elevation of privilege vulnerability exists in the way that the ...)
@@ -22079,7 +22079,7 @@ CVE-2018-8273 (A buffer overflow vulnerability exists in the Microsoft SQL Serve
 CVE-2018-8272
 	RESERVED
 CVE-2018-8271 (An information disclosure vulnerability exists in Windows when the ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2018-8270
 	RESERVED
 CVE-2018-8269 (A denial of service vulnerability exists when OData Library improperly ...)
@@ -30826,15 +30826,15 @@ CVE-2015-9247 (An issue was discovered in Skybox Platform before 7.5.401. Reflec
 CVE-2015-9246 (An issue was discovered in Skybox Platform before 7.5.201. Remote ...)
 	NOT-FOR-US: Skybox Platform
 CVE-2018-5549 (On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5548 (On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used for ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5547 (Windows Logon Integration feature of F5 BIG-IP APM client prior to ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5546 (The svpn and policyserver components of the F5 BIG-IP APM client prior ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5545 (On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated ...)
-	TODO: check
+	NOT-FOR-US: F5 WebSafe Alert Server
 CVE-2018-5544 (When the F5 BIG-IP APM 13.0.0-13.1.1 or 12.1.0-12.1.3 renders certain ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2018-5543 (The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ae52b51de860d3983ac66136ec5b6e2047279c3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ae52b51de860d3983ac66136ec5b6e2047279c3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180914/b5d1bebd/attachment.html>

More information about the debian-security-tracker-commits mailing list