[Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs

Thu Sep 20 20:01:40 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
77c271c7 by Salvatore Bonaccorso at 2018-09-20T19:01:13Z
Process NFUs

- - - - -
2cbbb3b1 by Salvatore Bonaccorso at 2018-09-20T19:01:13Z
Add CVE-2018-17231

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2018-17243 (Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine OpManager
 CVE-2018-17242
 	RESERVED
 CVE-2018-17241
@@ -21,9 +21,10 @@ CVE-2018-17234 (Memory leak in the H5O__chunk_deserialize() function in H5Ocache
 CVE-2018-17233 (A SIGFPE signal is raised in the function ...)
 	TODO: check
 CVE-2018-17232 (SQL injection vulnerability in archivebot.py in docmarionum1 Slack ...)
-	TODO: check
+	NOT-FOR-US: docmarionum1 Slack ArchiveBot (slack-archive-bot)
 CVE-2018-17231 (** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow ...)
-	TODO: check
+	- telegram-desktop <unfixed> (unimportant)
+	NOTE: Disputed as attack scenario does not cross a privilege boundary.
 CVE-2018-17230 (Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to ...)
 	TODO: check
 CVE-2018-17229 (Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/d15579f09a6453c73f64f3a69e97bfb577dfdc00...2cbbb3b140f2e5b7aa54cf430d2594044b0274b1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/d15579f09a6453c73f64f3a69e97bfb577dfdc00...2cbbb3b140f2e5b7aa54cf430d2594044b0274b1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180920/457b159b/attachment.html>
