[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Tue Sep 25 21:55:05 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
522d4819 by Moritz Muehlenhoff at 2018-09-25T20:54:42Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -325,7 +325,7 @@ CVE-2018-17371
 CVE-2018-17370
 	RESERVED
 CVE-2018-17369 (An issue was discovered in springboot_authority through 2017-03-06. ...)
-	TODO: check
+	NOT-FOR-US: springboot_authority
 CVE-2018-17368 (An issue was discovered in PublicCMS V4.0.180825. For an invalid login ...)
 	NOT-FOR-US: PublicCMS
 CVE-2018-17367
@@ -6171,11 +6171,11 @@ CVE-2018-14893
 CVE-2018-14892
 	RESERVED
 CVE-2018-14891 (Management Console in Vectra Networks Cognito Brain and Sensor before ...)
-	TODO: check
+	NOT-FOR-US: Vectra Networks Cognito Brain and Sensor
 CVE-2018-14890 (Vectra Networks Cognito Brain and Sensor before 4.2 contains a ...)
-	TODO: check
+	NOT-FOR-US: Vectra Networks Cognito Brain and Sensor
 CVE-2018-14889 (CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 ...)
-	TODO: check
+	NOT-FOR-US: Vectra Networks Cognito Brain and Sensor
 CVE-2018-14888 (inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin ...)
 	NOT-FOR-US: Eldenroot Thank You/Like plugin for MyBB
 CVE-2018-14887
@@ -6333,7 +6333,7 @@ CVE-2018-14827 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A
 CVE-2018-14826
 	RESERVED
 CVE-2018-14825 (On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 ...)
-	TODO: check
+	NOT-FOR-US: Honeywell
 CVE-2018-14824
 	RESERVED
 CVE-2018-14823
@@ -6610,11 +6610,11 @@ CVE-2018-14734 (drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.
 	- linux 4.17.14-1
 	NOTE: https://git.kernel.org/linus/cb2595c1393b4a5211534e6f0a0fbad369e21ad8 (4.18-rc1)
 CVE-2018-14732 (An issue was discovered in lib/Server.js in webpack-dev-server before ...)
-	TODO: check
+	NOT-FOR-US: webpack-dev-server
 CVE-2018-14731 (An issue was discovered in HMRServer.js in Parcel parcel-bundler. ...)
-	TODO: check
+	NOT-FOR-US: parcel-bundler
 CVE-2018-14730 (An issue was discovered in Browserify-HMR. Attackers are able to steal ...)
-	TODO: check
+	NOT-FOR-US: Browserify-HMR
 CVE-2018-14729
 	RESERVED
 CVE-2018-14728 (upload.php in Responsive FileManager 9.13.1 allows SSRF via the url ...)
@@ -6693,13 +6693,13 @@ CVE-2018-14693
 CVE-2018-14692
 	RESERVED
 CVE-2018-14691 (An issue was discovered in Subsonic 6.1.1. The music tags feature is ...)
-	TODO: check
+	NOT-FOR-US: Subsonic
 CVE-2018-14690 (An issue was discovered in Subsonic 6.1.1. The general settings are ...)
-	TODO: check
+	NOT-FOR-US: Subsonic
 CVE-2018-14689 (An issue was discovered in Subsonic 6.1.1. The transcoding settings ...)
-	TODO: check
+	NOT-FOR-US: Subsonic
 CVE-2018-14688 (An issue was discovered in Subsonic 6.1.1. The radio settings are ...)
-	TODO: check
+	NOT-FOR-US: Subsonic
 CVE-2018-14687
 	RESERVED
 CVE-2018-14686 (system/edit_book.php in XYCMS 1.7 has stored XSS via a crafted ...)
@@ -7898,7 +7898,7 @@ CVE-2018-14320 (This vulnerability allows remote attackers to disclose sensitive
 CVE-2018-14319
 	RESERVED
 CVE-2018-14318 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2018-14317 (This vulnerability allows remote attackers to execute arbitrary code ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2018-14316 (This vulnerability allows remote attackers to disclose sensitive ...)
@@ -10498,7 +10498,7 @@ CVE-2018-13142
 CVE-2018-13141
 	RESERVED
 CVE-2018-13140 (Druide Antidote through 9.5.1 on Windows and Linux allows remote code ...)
-	TODO: check
+	NOT-FOR-US: Druide Antidote
 CVE-2018-13139 (A stack-based buffer overflow in psf_memset in common.c in libsndfile ...)
 	- libsndfile <unfixed> (unimportant)
 	NOTE: https://github.com/erikd/libsndfile/issues/397
@@ -10564,7 +10564,7 @@ CVE-2018-13112 (get_l2len in common/get.c in Tcpreplay 4.3.0 beta 1 allows remot
 	[jessie] - tcpreplay <no-dsa> (Minor issue)
 	NOTE: https://github.com/appneta/tcpreplay/issues/477
 CVE-2018-13111 (There exists a partial Denial of Service vulnerability in Wanscam ...)
-	TODO: check
+	NOT-FOR-US: Wanscam
 CVE-2018-13110 (All ADB broadband gateways / routers based on the Epicentro platform ...)
 	NOT-FOR-US: ADB broadband gateways / routers
 CVE-2018-13109 (All ADB broadband gateways / routers based on the Epicentro platform ...)
@@ -10887,7 +10887,7 @@ CVE-2018-12977 (A SQL injection vulnerability in the SoftExpert (SE) Excellence
 CVE-2018-12976 (In Go Doc Dot Org (gddo) through 2018-06-27, an attacker could use ...)
 	NOT-FOR-US: Go Doc Dot Org
 CVE-2018-12975 (The random() function of the smart contract implementation for ...)
-	TODO: check
+	NOT-FOR-US: CryptoSaga
 CVE-2018-12974
 	RESERVED
 CVE-2018-12973 (An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter ...)
@@ -11226,11 +11226,11 @@ CVE-2018-12852
 CVE-2018-12851
 	RESERVED
 CVE-2018-12850 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12849 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12848 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12847
 	RESERVED
 CVE-2018-12846
@@ -11246,7 +11246,7 @@ CVE-2018-12842
 CVE-2018-12841
 	RESERVED
 CVE-2018-12840 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12839
 	RESERVED
 CVE-2018-12838
@@ -11324,7 +11324,7 @@ CVE-2018-12803 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30
 CVE-2018-12802 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
 	NOT-FOR-US: Adobe
 CVE-2018-12801 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12800
 	RESERVED
 CVE-2018-12799 (Adobe Acrobat and Reader versions 2018.011.20055 and earlier, ...)
@@ -11370,13 +11370,13 @@ CVE-2018-12780 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30
 CVE-2018-12779 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
 	NOT-FOR-US: Adobe
 CVE-2018-12778 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12777 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
 	NOT-FOR-US: Adobe
 CVE-2018-12776 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
 	NOT-FOR-US: Adobe
 CVE-2018-12775 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-12774 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
 	NOT-FOR-US: Adobe
 CVE-2018-12773 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
@@ -12198,7 +12198,7 @@ CVE-2018-12513
 CVE-2018-12512
 	RESERVED
 CVE-2018-12511 (In the mintToken function of a smart contract implementation for ...)
-	TODO: check
+	NOT-FOR-US: Substratum
 CVE-2018-12510
 	RESERVED
 CVE-2018-12509



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/522d48193161b2c2265872c279dda705f40330f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/522d48193161b2c2265872c279dda705f40330f9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180925/bff9f199/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list