[Git][security-tracker-team/security-tracker][master] new tintin++, uap-core issues

Tue, 19 Feb 2019 01:28:57 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7f187f70 by Moritz Muehlenhoff at 2019-02-19T09:27:41Z
new tintin++, uap-core issues
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2019-8933 (In DedeCMS 5.7SP2, attackers can upload a .php file to the 
uploads/ ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2019-8932
        RESERVED
 CVE-2019-8931
@@ -27,7 +27,7 @@ CVE-2019-8921
 CVE-2019-8920
        RESERVED
 CVE-2019-8919 (The seadroid (aka Seafile Android Client) application through 
2.2.13 ...)
-       TODO: check
+       NOT-FOR-US: Seafile Android Client
 CVE-2019-8918
        RESERVED
 CVE-2019-8917 (SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote 
code ...)
@@ -2734,7 +2734,8 @@ CVE-2019-7631
 CVE-2019-7630
        RESERVED
 CVE-2019-7629 (Stack-based buffer overflow in the strip_vt102_codes function 
in ...)
-       TODO: check
+       - tintin++ <unfixed>
+       [stretch] - tintin++ <no-dsa> (Minor issue)
 CVE-2019-7628 (Pagure 5.2 leaks API keys by e-mailing them to users. Few 
e-mail ...)
        - pagure <itp> (bug #829046)
 CVE-2019-7627
@@ -14018,7 +14019,10 @@ CVE-2018-20167 (Terminology before 1.3.1 allows Remote 
Code Execution because po
 CVE-2018-20165
        RESERVED
 CVE-2018-20164 (An issue was discovered in regex.yaml (aka regexes.yaml) in 
UA-Parser ...)
-       TODO: check
+       - uap-core <unfixed>
+       NOTE: 
https://github.com/ua-parser/uap-core/commit/010ccdc7303546cd22b9da687c29f4a996990014
+       NOTE: 
https://github.com/ua-parser/uap-core/commit/156f7e12b215bddbaf3df4514c399d683e6cdadc
+       NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/ 
 CVE-2018-20163
        RESERVED
 CVE-2018-20162



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7f187f70a128e38b9e21306396e776f564e41eba

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7f187f70a128e38b9e21306396e776f564e41eba
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to