[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Mon, 19 Mar 2018 14:45:56 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
231df404 by Salvatore Bonaccorso at 2018-03-19T22:44:39+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -86,7 +86,7 @@ CVE-2018-8763
 CVE-2018-8762
        RESERVED
 CVE-2018-8761 (protected\apps\member\controller\shopcarController.php in Yxcms 
...)
-       TODO: check
+       NOT-FOR-US: Yxcms
 CVE-2018-8760
        RESERVED
 CVE-2018-8759
@@ -127,7 +127,7 @@ CVE-2018-8743
 CVE-2018-8742
        RESERVED
 CVE-2017-18239 (A time-sensitive equality check on the JWT signature in the 
...)
-       TODO: check
+       NOT-FOR-US: authentikat-jwt
 CVE-2018-8768 (In Jupyter Notebook before 5.4.1, a maliciously forged notebook 
file ...)
        - jupyter-notebook <unfixed> (bug #893436)
        - ipython 5.1.0-2
@@ -169,7 +169,7 @@ CVE-2018-8734
 CVE-2018-8733
        RESERVED
 CVE-2018-8732 (Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 
allows ...)
-       TODO: check
+       NOT-FOR-US: WampServer
 CVE-2018-8731
        RESERVED
 CVE-2018-8730
@@ -3425,7 +3425,7 @@ CVE-2012-6709 (ELinks 0.12 and Twibright Links 2.3 have 
Missing SSL Certificate 
        NOTE: src:links2 upstream in 2.11 adds support for verifying SSL 
certificates.
        TODO: double check links2 again, since #694658 claims not all issues 
are fixed
 CVE-2018-7422 (A Local File Inclusion vulnerability in the Site Editor plugin 
through ...)
-       TODO: check
+       NOT-FOR-US: Site Editor plugin for WordPress
 CVE-2018-7421 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP 
dissector ...)
        - wireshark 2.4.5-1 (low)
        [stretch] - wireshark <no-dsa> (Minor issue)
@@ -5154,9 +5154,9 @@ CVE-2018-6845 (PHP Scripts Mall Multi Language Olx Clone 
Script 2.0.6 has XSS vi
 CVE-2018-6844 (MyBB 1.8.14 has XSS via the Title or Description field on the 
Edit ...)
        NOT-FOR-US: MyBB
 CVE-2018-6843 (Kentico 10 before 10.0.50 and 11 before 11.0.3 has SQL 
injection in the ...)
-       TODO: check
+       NOT-FOR-US: Kentico CMS
 CVE-2018-6842 (Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which 
a ...)
-       TODO: check
+       NOT-FOR-US: Kentico CMS
 CVE-2018-6841
        RESERVED
 CVE-2018-6840
@@ -8896,9 +8896,9 @@ CVE-2018-5554
 CVE-2018-5553
        RESERVED
 CVE-2018-5552 (Versions of DocuTrac QuicDoc and Office Therapy that ship with 
...)
-       TODO: check
+       NOT-FOR-US: DocuTrac QuicDoc and Office Therapy
 CVE-2018-5551 (Versions of DocuTrac QuicDoc and Office Therapy that ship with 
...)
-       TODO: check
+       NOT-FOR-US: DocuTrac QuicDoc and Office Therapy
 CVE-2018-5550 (Versions of Epson AirPrint released prior to January 19, 2018 
contain ...)
        NOT-FOR-US: Epson AirPrint
 CVE-2015-9250 (An issue was discovered in Skybox Platform before 7.5.201. 
Directory ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/231df404513f84e994f86314e52389277f90d8b7

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/231df404513f84e994f86314e52389277f90d8b7
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to