Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0c791ef1 by Salvatore Bonaccorso at 2018-03-08T22:40:07+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7367,7 +7367,7 @@ CVE-2017-18026 (Redmine before 3.2.9, 3.3.x before 3.3.6,
and 3.4.x before 3.4.4
NOTE:
https://github.com/redmine/redmine/commit/9d797400eaec5f9fa7ba9507c82d9c18cb91d02e
NOTE: upstream fixed in 3.2.9, 3.3.6 and 3.4.4
CVE-2018-5313 (A vulnerability allows local attackers to escalate privilege on
Rapid ...)
- TODO: check
+ NOT-FOR-US: Rapid Scada
CVE-2017-1000415 (MatrixSSL version 3.7.2 has an incorrect UTCTime date range
validation ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
@@ -8648,11 +8648,11 @@ CVE-2018-4842
CVE-2018-4841
RESERVED
CVE-2018-4840 (A vulnerability has been identified in Siemens DIGSI 4 (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2018-4839 (A vulnerability has been identified in Siemens DIGSI 4 (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2018-4838 (A vulnerability has been identified in Siemens EN100 Ethernet
module ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2018-4837 (A vulnerability has been identified in TeleControl Server Basic
< ...)
NOT-FOR-US: Siemens / TeleControl Server Basic
CVE-2018-4836 (A vulnerability has been identified in TeleControl Server Basic
< ...)
@@ -16802,9 +16802,9 @@ CVE-2018-1445
CVE-2018-1444
RESERVED
CVE-2018-1443 (An XML parsing vulnerability affects IBM SAML-based single
sign-on ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1442 (IBM Application Performance Management - Response Time
Monitoring ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1441
RESERVED
CVE-2018-1440
@@ -16914,7 +16914,7 @@ CVE-2018-1389
CVE-2018-1388 (GSKit V7 may disclose side channel information via
discrepancies ...)
NOT-FOR-US: IBM WebSphere MQ
CVE-2018-1387 (IBM Application Performance Management for Monitoring &
Diagnostics ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1386
RESERVED
CVE-2018-1385
@@ -17983,17 +17983,17 @@ CVE-2018-1222
CVE-2018-1221
RESERVED
CVE-2018-1220 (EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect
...)
- TODO: check
+ NOT-FOR-US: EMC RSA Archer
CVE-2018-1219 (EMC RSA Archer, versions prior to 6.2.0.8, contains an improper
access ...)
- TODO: check
+ NOT-FOR-US: EMC RSA Archer
CVE-2018-1218
RESERVED
CVE-2018-1217
RESERVED
CVE-2018-1216 (A hard-coded password vulnerability was discovered in vApp
Manager ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2018-1215 (An arbitrary file upload vulnerability was discovered in vApp
Manager ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2018-1214 (Dell EMC SupportAssist Enterprise version 1.1 creates a local
Windows ...)
NOT-FOR-US: EMC
CVE-2018-1213
@@ -18063,7 +18063,7 @@ CVE-2018-1184 (An issue was discovered in EMC
RecoverPoint for Virtual Machines
CVE-2018-1183
RESERVED
CVE-2018-1182 (An issue was discovered in EMC RSA Identity Governance and
Lifecycle ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2018-1181
RESERVED
CVE-2017-17447
@@ -50107,13 +50107,13 @@ CVE-2017-7643 (Proxifier for Mac before 2.19 allows
local users to gain privileg
CVE-2017-7642 (The sudo helper in the HashiCorp Vagrant VMware Fusion plugin
(aka ...)
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
CVE-2017-7641 (QNAP NAS application Media Streaming add-on version 421.1.0.2,
...)
- TODO: check
+ NOT-FOR-US: QNAP NAS application Media Streaming add-on
CVE-2017-7640 (QNAP NAS application Media Streaming add-on version 421.1.0.2,
...)
- TODO: check
+ NOT-FOR-US: QNAP NAS application Media Streaming add-on
CVE-2017-7639
RESERVED
CVE-2017-7638 (QNAP NAS application Media Streaming add-on version 421.1.0.2,
...)
- TODO: check
+ NOT-FOR-US: QNAP NAS application Media Streaming add-on
CVE-2017-7637
RESERVED
CVE-2017-7636
@@ -50121,7 +50121,7 @@ CVE-2017-7636
CVE-2017-7635
RESERVED
CVE-2017-7634 (Cross-site scripting (XSS) vulnerability in QNAP NAS
application Media ...)
- TODO: check
+ NOT-FOR-US: QNAP NAS application Media Streaming add-on
CVE-2017-7633 (QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive
...)
NOT-FOR-US: QNAP
CVE-2017-7632
@@ -55023,7 +55023,7 @@ CVE-2017-6154 (On F5 BIG-IP systems running 13.0.0,
12.1.0 - 12.1.3.1, or 11.6.1
CVE-2017-6153
RESERVED
CVE-2017-6152 (A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0
with the ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IQ Centralized Management
CVE-2017-6151 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge
Gateway, ...)
NOT-FOR-US: F5 BIG-IP
CVE-2017-6150 (Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0
- ...)
@@ -68128,7 +68128,7 @@ CVE-2017-1627
CVE-2017-1626
RESERVED
CVE-2017-1625 (IBM Pulse for QRadar 1.0.0 - 1.0.3 discloses sensitive
information to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1624
RESERVED
CVE-2017-1623 (IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting.
This ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0c791ef14632dff4cb4f32cf210e308db6e5205c
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0c791ef14632dff4cb4f32cf210e308db6e5205c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
