[Git][security-tracker-team/security-tracker][master] Revert CVE-2018-12270 back to check

Salvatore Bonaccorso carnil at debian.org
Mon May 20 22:00:36 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0134df9d by Salvatore Bonaccorso at 2019-05-20T21:00:17Z
Revert CVE-2018-12270 back to check

Marking it as NFU as per "Valve Steam" was defintively prematurely,
there is for instance src:steam in the archive which might be impacted
by the issue.

The CVE description and references are unfortunately not enlightening
regarding if src;steam might be affected.

Cf. https://github.com/VixusFoxy/CVE/wiki/CVE-2018-12270

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -51272,7 +51272,7 @@ CVE-2018-12272 (xowl/request.php in Ximdex 4.0 has XSS via the content parameter
 CVE-2018-12271 (** DISPUTED ** An issue was discovered in the com.getdropbox.Dropbox a ...)
 	NOT-FOR-US: com.getdropbox.Dropbox app for IOS
 CVE-2018-12270 (In Valve Steam 1528829181 BETA, it is possible to perform a homograph  ...)
-	NOT-FOR-US: Valve Steam
+	TODO: check
 CVE-2018-12269
 	RESERVED
 CVE-2018-12268 (acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metac ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0134df9d68d2c5618361d488590fe2737327fd6d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0134df9d68d2c5618361d488590fe2737327fd6d
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190520/8204feb5/attachment.html>


More information about the debian-security-tracker-commits mailing list