Commits on Source (3)
......@@ -2801,7 +2801,7 @@ CVE-2018-16366 (An issue discovered in idreamsoft iCMS V7.0.10. ...)
CVE-2018-16365 (An issue discovered in idreamsoft iCMS V7.0.10. ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2018-16364 (A serialization vulnerability in Zoho ManageEngine Applications ...)
TODO: check
NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2018-16363 (The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via ...)
NOT-FOR-US: mndpsingh287 File Manager plugin for WordPress
CVE-2018-16362 (An issue was discovered in the Source Integration plugin before 1.5.9 ...)
......@@ -4148,7 +4148,9 @@ CVE-2018-15838
CVE-2018-15837
RESERVED
CVE-2018-15836 (In Openswan before 2.6.50.1, IKEv2 signature verification is ...)
TODO: check
- openswan <removed>
NOTE: https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51
NOTE: https://lists.openswan.org/pipermail/users/2018-August/023761.html
CVE-2018-15835
RESERVED
CVE-2018-15834 (In radare2 before 2.9.0, a heap overflow vulnerability exists in the ...)
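Review bot: On the CVE-2018-15836 entry, the NOTE carrying the upstream Openswan commit URL does not say what the commit is, while the libxml2 entry further down this list marks its commit as "NOTE: Fixed by: ...". Prefixing the commit NOTE with "Fixed by:" would distinguish the fix from the mailing-list announcement in the next NOTE. The entry also has only "- openswan <removed>" with no suite-specific lines, so it is worth confirming that no supported suite still ships the package.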
......@@ -4913,7 +4915,7 @@ CVE-2018-15533 (A reflected cross-site scripting vulnerability exists in Geutebr
CVE-2018-15532
RESERVED
CVE-2018-15531 (JavaMelody before 1.74.0 has XXE via parseSoapMethodName in ...)
TODO: check
NOT-FOR-US: JavaMelody
CVE-2018-15530
RESERVED
CVE-2018-15529 (A command injection vulnerability in maintenance.cgi in Mutiny ...)
......@@ -6418,7 +6420,7 @@ CVE-2018-14825 (On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80
CVE-2018-14824
RESERVED
CVE-2018-14823 (Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer ...)
TODO: check
NOT-FOR-US: Fuji Electric V-Server
CVE-2018-14822
RESERVED
CVE-2018-14821 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This ...)
......@@ -6426,27 +6428,27 @@ CVE-2018-14821 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. T
CVE-2018-14820
RESERVED
CVE-2018-14819 (Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read ...)
TODO: check
NOT-FOR-US: Fuji Electric V-Server
CVE-2018-14818
RESERVED
CVE-2018-14817 (Fuji Electric V-Server 4.0.3.0 and prior, An integer underflow ...)
TODO: check
NOT-FOR-US: Fuji Electric V-Server
CVE-2018-14816
RESERVED
CVE-2018-14815 (Fuji Electric V-Server 4.0.3.0 and prior, Several out-of-bounds write ...)
TODO: check
NOT-FOR-US: Fuji Electric V-Server
CVE-2018-14814
RESERVED
CVE-2018-14813 (Fuji Electric V-Server 4.0.3.0 and prior, A heap-based buffer overflow ...)
TODO: check
NOT-FOR-US: Fuji Electric V-Server
CVE-2018-14812
RESERVED
CVE-2018-14811 (Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted pointer ...)
TODO: check
NOT-FOR-US: Fuji Electric V-Server
CVE-2018-14810
RESERVED
CVE-2018-14809 (Fuji Electric V-Server 4.0.3.0 and prior, A use after free ...)
TODO: check
NOT-FOR-US: Fuji Electric V-Server
CVE-2018-14808
RESERVED
CVE-2018-14807
......@@ -7968,7 +7970,7 @@ CVE-2018-14329 (In HTSlib 1.8, a race condition in cram/cram_io.c might allow lo
CVE-2018-14328 (Brynamics &quot;Online Trade - Online trading and cryptocurrency investment ...)
NOT-FOR-US: Brynamics "Online Trade - Online trading and cryptocurrency investment system"
CVE-2018-14327 (The installer for the Alcatel OSPREY3_MINI Modem component on EE ...)
TODO: check
NOT-FOR-US: Alcatel
CVE-2018-14324 (The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP ...)
- glassfish <not-affected> (Vulnerable code not included, only builds a few classes)
CVE-2018-14323
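Review bot: On the CVE-2018-14327 entry, "NOT-FOR-US: Alcatel" names only the vendor, whereas the other NOT-FOR-US lines in this change name the product ("Fuji Electric V-Server", "Zoho ManageEngine Applications Manager"). The description refers to the installer for the Alcatel OSPREY3_MINI Modem component, so a product-level tag such as "NOT-FOR-US: Alcatel OSPREY3_MINI Modem" would keep the entry consistent and searchable.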
......@@ -21025,7 +21027,6 @@ CVE-2018-9252 (JasPer 2.0.14 allows denial of service via a reachable assertion
NOTE: https://github.com/mdadams/jasper/issues/173
NOTE: Negligable impact
CVE-2018-9251 (The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is ...)
{DLA-1524-1}
- libxml2 <not-affected> (Fix for CVE-2017-18258 not applied, cf. bug #895195)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=794914
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74
[27 Sep 2018] DLA-1524-1 libxml2 - security update
{CVE-2017-18258 CVE-2018-9251 CVE-2018-14404 CVE-2018-14567}
{CVE-2017-18258 CVE-2018-14404 CVE-2018-14567}
[jessie] - libxml2 2.9.1+dfsg1-5+deb8u7
[27 Sep 2018] DLA-1523-1 asterisk - security update
{CVE-2018-17281}
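Review bot: In the DLA-1524-1 entry, the brace list without CVE-2018-9251 still lists CVE-2017-18258 as fixed in jessie by 2.9.1+dfsg1-5+deb8u7, but the CVE-2018-9251 entry justifies "<not-affected>" with "Fix for CVE-2017-18258 not applied". Those two statements do not obviously hold together for jessie once the DLA is applied. Please add a "[jessie]" line or a NOTE on CVE-2018-9251 stating why jessie is not affected after DLA-1524-1, so that dropping the "{DLA-1524-1}" cross-reference is explained in the data itself.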
......