[Git][security-tracker-team/security-tracker][master] Process some NFUs for WordPress plugins

Salvatore Bonaccorso carnil at debian.org
Thu Nov 7 08:19:38 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eba6559c by Salvatore Bonaccorso at 2019-11-07T08:19:07Z
Process some NFUs for WordPress plugins

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17554,7 +17554,7 @@ CVE-2018-20854 (An issue was discovered in the Linux kernel before 4.20. drivers
 	- linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/6acb47d1a318e5b3b7115354ebc4ea060c59d3a1
 CVE-2018-20853 (An issue was discovered in the MailPoet Newsletters (aka wysija-newsle ...)
-	TODO: check
+	NOT-FOR-US: MailPoet Newsletters (aka wysija- newsletters) plugin for WordPress
 CVE-2016-10763 (The CampTix Event Ticketing plugin before 1.5 for WordPress allows XSS ...)
 	NOT-FOR-US: CampTix Event Ticketing plugin for WordPress
 CVE-2016-10762 (The CampTix Event Ticketing plugin before 1.5 for WordPress allows CSV ...)
@@ -219565,9 +219565,9 @@ CVE-2014-9028 (Heap-based buffer overflow in stream_decoder.c in libFLAC before
 	NOTE: https://git.xiph.org/?p=flac.git;a=commit;h=fcf0ba06ae12ccd7c67cee3c8d948df15f946b85
 	NOTE: https://git.xiph.org/?p=flac.git;a=patch;h=5a365996d739bdf4711af51d9c2c71c8a5e14660
 CVE-2014-9014 (Directory traversal vulnerability in the ajaxinit function in wpmarket ...)
-	TODO: check
+	NOT-FOR-US: WP Marketplace plugin for WordPress
 CVE-2014-9013 (The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketp ...)
-	TODO: check
+	NOT-FOR-US: WP Marketplace plugin for WordPress
 CVE-2014-9012
 	RESERVED
 CVE-2014-9011



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eba6559c8c975dd92de450c1fef7bd50d77bda80

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eba6559c8c975dd92de450c1fef7bd50d77bda80
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191107/00140a4a/attachment.html>

More information about the debian-security-tracker-commits mailing list