[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Mon, 12 Feb 2018 13:47:39 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7b8b88d5 by Salvatore Bonaccorso at 2018-02-12T22:45:53+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2,7 +2,7 @@ CVE-2018-6927 (The futex_requeue function in kernel/futex.c in 
the Linux kernel 
        - linux <unfixed>
        NOTE: Fixed by: 
https://git.kernel.org/linus/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a
 CVE-2018-6926 (In app/Controller/ServersController.php in MISP 2.4.87, a 
server ...)
-       TODO: check
+       NOT-FOR-US: MISP
 CVE-2018-6925
        RESERVED
 CVE-2018-6924
@@ -30,15 +30,15 @@ CVE-2018-6914
 CVE-2018-1000063
        RESERVED
 CVE-2017-18179 (Progress Sitefinity 9.1 uses wrap_access_token as a 
non-expiring ...)
-       TODO: check
+       NOT-FOR-US: Progress Sitefinity
 CVE-2017-18178 (Authenticate/SWT in Progress Sitefinity 9.1 has an open 
redirect issue ...)
-       TODO: check
+       NOT-FOR-US: Progress Sitefinity
 CVE-2017-18177 (Progress Sitefinity 9.1 has XSS via the Last name, First name, 
and ...)
-       TODO: check
+       NOT-FOR-US: Progress Sitefinity
 CVE-2017-18176 (Progress Sitefinity 9.1 has XSS via file upload, because 
JavaScript ...)
-       TODO: check
+       NOT-FOR-US: Progress Sitefinity
 CVE-2017-18175 (Progress Sitefinity 9.1 has XSS via the Content Management 
Template ...)
-       TODO: check
+       NOT-FOR-US: Progress Sitefinity
 CVE-2018-6913
        RESERVED
 CVE-2018-6912 (The decode_plane function in libavcodec/utvideodec.c in FFmpeg 
through ...)
@@ -83,7 +83,7 @@ CVE-2018-6895
 CVE-2018-6894
        RESERVED
 CVE-2018-6893 (controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL 
Injection: a ...)
-       TODO: check
+       NOT-FOR-US: FineCms
 CVE-2018-6892 (An issue was discovered in CloudMe before 1.11.0. An 
unauthenticated ...)
        NOT-FOR-US: CloudMe
 CVE-2018-6891 (Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via 
a ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7b8b88d5d0f3eb188f3342a3a9b505623458c869

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7b8b88d5d0f3eb188f3342a3a9b505623458c869
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to