[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: Process NFUs

Wed, 14 Mar 2018 14:19:26 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9f322a8b by Salvatore Bonaccorso at 2018-03-14T22:18:26+01:00
Process NFUs

- - - - -
5ef4d6ae by Salvatore Bonaccorso at 2018-03-14T22:18:27+01:00
Add new webmin issue

- - - - -
96d98e94 by Salvatore Bonaccorso at 2018-03-14T22:18:27+01:00
Add CVE-2018-1000132/mercurial

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,19 +1,19 @@
 CVE-2018-8717 (joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an 
administrator ...)
-       TODO: check
+       NOT-FOR-US: joyplus-cms
 CVE-2018-8716
        RESERVED
 CVE-2018-8715 (The Embedthis HTTP library, and Appweb versions before 7.0.3, 
have a ...)
-       TODO: check
+       NOT-FOR-US: Embedthis HTTP library / Appweb
 CVE-2018-8714
        RESERVED
 CVE-2018-8713
        RESERVED
 CVE-2018-8712 (An issue was discovered in Webmin 1.840 and 1.880 when the 
default Yes ...)
-       TODO: check
+       - webmin <removed>
 CVE-2018-8711 (A local file inclusion issue was discovered in the WooCommerce 
Products ...)
-       TODO: check
+       NOT-FOR-US: WooCommerce Products Filter (aka WOOF) plugin for WordPress
 CVE-2018-8710 (A remote code execution issue was discovered in the WooCommerce 
...)
-       TODO: check
+       NOT-FOR-US: WooCommerce Products Filter (aka WOOF) plugin for WordPress
 CVE-2018-8709
        RESERVED
 CVE-2018-8708
@@ -1215,7 +1215,8 @@ CVE-2018-8111
 CVE-2018-8110
        RESERVED
 CVE-2018-1000132 (Mercurial version 4.5 and earlier contains a Incorrect 
Access Control ...)
-       TODO: check
+       - mercurial <unfixed>
+       NOTE: 
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.5.1_.2F_4.5.2_.282018-03-06.29
 CVE-2018-1000131 (Pradeep Makone wordpress Support Plus Responsive Ticket 
System version ...)
        TODO: check
 CVE-2018-1000130 (A JNDI Injection vulnerability exists in Jolokia agent 
version 1.3.7 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/9451e95f2c9110027b1fced6dae4014172c6e65c...96d98e943a4484358178c8de1322857f6fb0b8f4

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/9451e95f2c9110027b1fced6dae4014172c6e65c...96d98e943a4484358178c8de1322857f6fb0b8f4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to