Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
65727d38 by Moritz Muehlenhoff at 2018-03-22T23:14:55+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -9,19 +9,19 @@ CVE-2018-8938
CVE-2018-8937
RESERVED
CVE-2018-8936 (The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile
processor chips ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2018-8935 (The Promontory chipset, as used in AMD Ryzen and Ryzen Pro
platforms, ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2018-8934 (The Promontory chipset, as used in AMD Ryzen and Ryzen Pro
platforms, ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2018-8933 (The AMD EPYC Server processor chips have insufficient access
control ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2018-8932 (The AMD Ryzen and Ryzen Pro processor chips have insufficient
access ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2018-8931 (The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have
...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2018-8930 (The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile
processor chips ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2018-8929
RESERVED
CVE-2018-8928
@@ -3454,7 +3454,7 @@ CVE-2018-7534
CVE-2018-7533 (An Incorrect Default Permissions issue was discovered in
OSIsoft PI ...)
NOT-FOR-US: OSIsoft PI
CVE-2018-7532 (Unauthentication vulnerabilities have been identified in
Geutebruck ...)
- TODO: check
+ NOT-FOR-US: IP Geutebruck and Topline IP cameras
CVE-2018-7531 (An Improper Input Validation issue was discovered in OSIsoft PI
Data ...)
NOT-FOR-US: OSIsoft PI
CVE-2018-7530
@@ -3462,7 +3462,7 @@ CVE-2018-7530
CVE-2018-7529 (A Deserialization of Untrusted Data issue was discovered in
OSIsoft PI ...)
NOT-FOR-US: OSIsoft PI
CVE-2018-7528 (An SQL injection vulnerability has been identified in
Geutebruck ...)
- TODO: check
+ NOT-FOR-US: IP Geutebruck and Topline IP cameras
CVE-2018-7527
RESERVED
CVE-2018-7526
@@ -3470,7 +3470,7 @@ CVE-2018-7526
CVE-2018-7525 (In Omron CX-Supervisor Versions 3.30 and prior, processing a
malformed ...)
NOT-FOR-US: Omron CX-Supervisor
CVE-2018-7524 (A cross-site request forgery vulnerability has been identified
in ...)
- TODO: check
+ NOT-FOR-US: IP Geutebruck and Topline IP cameras
CVE-2018-7523 (In Omron CX-Supervisor Versions 3.30 and prior, parsing
malformed ...)
NOT-FOR-US: Omron CX-Supervisor
CVE-2018-7522
@@ -3478,7 +3478,7 @@ CVE-2018-7522
CVE-2018-7521 (In Omron CX-Supervisor Versions 3.30 and prior, use after free
...)
NOT-FOR-US: Omron CX-Supervisor
CVE-2018-7520 (An improper access control vulnerability has been identified in
...)
- TODO: check
+ NOT-FOR-US: IP Geutebruck and Topline IP cameras
CVE-2018-7519 (In Omron CX-Supervisor Versions 3.30 and prior, parsing
malformed ...)
NOT-FOR-US: Omron CX-Supervisor
CVE-2018-7518
@@ -3486,7 +3486,7 @@ CVE-2018-7518
CVE-2018-7517 (In Omron CX-Supervisor Versions 3.30 and prior, parsing
malformed ...)
NOT-FOR-US: Omron CX-Supervisor
CVE-2018-7516 (A server-side request forgery vulnerability has been identified
in ...)
- TODO: check
+ NOT-FOR-US: IP Geutebruck and Topline IP cameras
CVE-2018-7515 (In Omron CX-Supervisor Versions 3.30 and prior, access of ...)
NOT-FOR-US: Omron CX-Supervisor
CVE-2018-7514
@@ -3494,7 +3494,7 @@ CVE-2018-7514
CVE-2018-7513 (In Omron CX-Supervisor Versions 3.30 and prior, parsing
malformed ...)
NOT-FOR-US: Omron CX-Supervisor
CVE-2018-7512 (A cross-site scripting vulnerability has been identified in
Geutebruck ...)
- TODO: check
+ NOT-FOR-US: IP Geutebruck and Topline IP cameras
CVE-2018-7511 (In Eaton ELCSoft versions 2.04.02 and prior, there are multiple
cases ...)
NOT-FOR-US: Eaton ELCSoft
CVE-2018-7510
@@ -6628,7 +6628,7 @@ CVE-2017-18096
CVE-2017-18095 (The SnippetRPCServiceImpl class in Atlassian Crucible before
version ...)
NOT-FOR-US: Atlassian Crucible
CVE-2017-18094 (Various resources in Atlassian Fisheye and Crucible before
version ...)
- TODO: check
+ NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2017-18093 (Various resources in Atlassian Fisheye and Crucible before
version ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2017-18092 (The print snippet resource in Atlassian Crucible before
version 4.4.3 ...)
@@ -8815,7 +8815,7 @@ CVE-2018-1000005 (libcurl 7.49.0 to and including 7.57.0
contains an out bounds
NOTE: Introduced by:
https://github.com/curl/curl/commit/0761a51ee0551ad9e5
NOTE: Patch:
https://github.com/curl/curl/commit/fa3dbb9a147488a294.patch
CVE-2018-5731 (An issue was discovered in Heimdal PRO 2.2.190. As part of the
scanning ...)
- TODO: check
+ NOT-FOR-US: Heimdal PRO
CVE-2018-5730 (MIT krb5 1.6 or later allows an authenticated kadmin with
permission ...)
- krb5 <unfixed> (bug #891869)
NOTE: Fixed by:
https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
@@ -9339,7 +9339,7 @@ CVE-2018-5511
CVE-2018-5510
RESERVED
CVE-2018-5509 (On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a
specifically ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5508
RESERVED
CVE-2018-5507
@@ -9347,13 +9347,13 @@ CVE-2018-5507
CVE-2018-5506
RESERVED
CVE-2018-5505 (On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are
both ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5504 (In some circumstances, the Traffic Management Microkernel (TMM)
does ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5503 (On F5 BIG-IP versions 13.0.0 - 13.1.0.3 or 12.0.0 - 12.1.3.1,
TMM may ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5502 (On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able
to ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5501 (In some circumstances, on F5 BIG-IP systems running 13.0.0,
12.1.0 - ...)
NOT-FOR-US: F5 BIG-IP
CVE-2018-5500 (On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or
11.6.1 - ...)
@@ -9713,7 +9713,7 @@ CVE-2018-5351
CVE-2018-5350
RESERVED
CVE-2018-5349 (A vulnerability has been found in Heimdal PRO v2.2.190, but it
is most ...)
- TODO: check
+ NOT-FOR-US: Heimdal PRO
CVE-2018-5348
RESERVED
CVE-2018-5347 (Seagate Media Server in Seagate Personal Cloud has
unauthenticated ...)
@@ -10101,7 +10101,7 @@ CVE-2018-5227
CVE-2018-5226
RESERVED
CVE-2018-5225 (In browser editing in Atlassian Bitbucket Server from version
4.13.0 ...)
- TODO: check
+ NOT-FOR-US: Atlassian Bitbucket Server
CVE-2018-5224
RESERVED
CVE-2018-5223
@@ -19350,7 +19350,7 @@ CVE-2018-1450
CVE-2018-1449
RESERVED
CVE-2018-1448 (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1447
RESERVED
CVE-2018-1446
@@ -19390,11 +19390,11 @@ CVE-2018-1430
CVE-2018-1429
RESERVED
CVE-2018-1428 (IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5,
and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1427 (IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5,
and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1426 (IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5,
and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1425 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses
weaker ...)
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
CVE-2018-1424
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/65727d38ecd18b2edbf4b27fa9b980288801d08d
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/65727d38ecd18b2edbf4b27fa9b980288801d08d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
