[Git][security-tracker-team/security-tracker][master] NFUs

Tue, 05 Feb 2019 01:40:29 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c889d583 by Moritz Muehlenhoff at 2019-02-05T09:39:37Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -113,23 +113,23 @@ CVE-2019-1000019 (libarchive version commit 
bf9aec176c6748f0ee7a678c5f9f9555b9a7
        NOTE: https://github.com/libarchive/libarchive/pull/1120
        NOTE: 
https://github.com/libarchive/libarchive/commit/65a23f5dbee4497064e9bb467f81138a62b0dae1
 CVE-2019-1000017 (Chamilo Chamilo-lms version 1.11.8 and earlier contains an 
Incorrect ...)
-       TODO: check
+       NOT-FOR-US: Chamilo Chamilo-lms
 CVE-2019-1000016 (FFMPEG version 4.1 contains a CWE-129: Improper Validation 
of Array ...)
        TODO: check
 CVE-2019-1000015 (Chamilo Chamilo-lms version 1.11.8 and earlier contains a 
Cross Site ...)
-       TODO: check
+       NOT-FOR-US: Chamilo Chamilo-lms
 CVE-2019-1000014 (Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a 
Signing ...)
        TODO: check
 CVE-2019-1000013 (Hex package manager hex_core version 0.3.0 and earlier 
contains a ...)
-       TODO: check
+       NOT-FOR-US: Hex package manager
 CVE-2019-1000012 (Hex package manager version 0.14.0 through 0.18.2 contains a 
Signing ...)
-       TODO: check
+       NOT-FOR-US: Hex package manager
 CVE-2019-1000011 (API Platform version from 2.2.0 to 2.3.5 contains an 
Incorrect Access ...)
-       TODO: check
+       NOT-FOR-US: API Platform
 CVE-2019-1000010 (phpIPAM version 1.3.2 and earlier contains a Cross Site 
Scripting ...)
        NOT-FOR-US: phpIPAM
 CVE-2019-1000009 (Helm ChartMuseum version >=0.1.0 and < 0.8.1 contains 
a CWE-22: ...)
-       TODO: check
+       NOT-FOR-US: Helm ChartMuseum
 CVE-2019-1000008 (All versions of Helm between Helm >=2.0.0 and < 2.12.2 
contains a ...)
        TODO: check
 CVE-2019-1000007 (aioxmpp version 0.10.2 and earlier contains a Improper 
Handling of ...)
@@ -137,7 +137,7 @@ CVE-2019-1000007 (aioxmpp version 0.10.2 and earlier 
contains a Improper Handlin
 CVE-2019-1000006 (RIOT RIOT-OS version after commit ...)
        NOT-FOR-US: RIOT RIOT-OS
 CVE-2019-1000005 (mPDF version 7.1.7 and earlier contains a CWE-502: 
Deserialization of ...)
-       TODO: check
+       NOT-FOR-US: mPDF
 CVE-2019-1000004 (yugandhargangu JspMyAdmin2 version 1.0.6 and earlier 
contains a Cross ...)
        NOT-FOR-US: yugandhargangu JspMyAdmin2
 CVE-2019-1000003 (MapSVG MapSVG Lite version 3.2.3 contains a Cross Site 
Request Forgery ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c889d583d924b8b8a24cfdc5cd8b9a3fe88880f0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c889d583d924b8b8a24cfdc5cd8b9a3fe88880f0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to