[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6a140fb2 by Salvatore Bonaccorso at 2019-04-05T19:51:17Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1290,51 +1290,51 @@ CVE-2019-10301
 CVE-2019-10300
        RESERVED
 CVE-2019-10299 (Jenkins CloudCoreo DeployTime Plugin stores credentials 
unencrypted in ...)
-       TODO: check
+       NOT-FOR-US: Jenkins CloudCoreo DeployTime Plugin
 CVE-2019-10298 (Jenkins Koji Plugin stores credentials unencrypted in its 
global confi ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Koji Plugin
 CVE-2019-10297 (Jenkins Sametime Plugin stores credentials unencrypted in its 
global c ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Sametime Plugin
 CVE-2019-10296 (Jenkins Serena SRA Deploy Plugin stores credentials 
unencrypted in its ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Serena SRA Deploy Plugin
 CVE-2019-10295 (Jenkins crittercism-dsym Plugin stores credentials unencrypted 
in job  ...)
-       TODO: check
+       NOT-FOR-US: Jenkins crittercism-dsym Plugin
 CVE-2019-10294 (Jenkins Kmap Plugin stores credentials unencrypted in job 
config.xml f ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Kmap Plugin
 CVE-2019-10293 (A missing permission check in Jenkins Kmap Plugin in 
KmapJenkinsBuilde ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Kmap Plugin
 CVE-2019-10292 (A cross-site request forgery vulnerability in Jenkins Kmap 
Plugin in K ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Kmap Plugin
 CVE-2019-10291 (Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored 
credential ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Netsparker Cloud Scan Plugin
 CVE-2019-10290 (A missing permission check in Jenkins Netsparker Cloud Scan 
Plugin 1.1 ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Netsparker Cloud Scan Plugin
 CVE-2019-10289 (A cross-site request forgery vulnerability in Jenkins 
Netsparker Cloud ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Netsparker Cloud Scan Plugin
 CVE-2019-10288 (Jenkins Jabber Server Plugin stores credentials unencrypted in 
its glo ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Jabber Server Plugin
 CVE-2019-10287 (Jenkins youtrack-plugin Plugin 0.7.1 and older stored 
credentials unen ...)
-       TODO: check
+       NOT-FOR-US: Jenkins youtrack-plugin Plugin
 CVE-2019-10286 (Jenkins DeployHub Plugin stores credentials unencrypted in job 
config. ...)
-       TODO: check
+       NOT-FOR-US: Jenkins DeployHub Plugin
 CVE-2019-10285 (Jenkins Minio Storage Plugin stores credentials unencrypted in 
its glo ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Minio Storage Plugin
 CVE-2019-10284 (Jenkins Diawi Upload Plugin stores credentials unencrypted in 
job conf ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Diawi Upload Plugin
 CVE-2019-10283 (Jenkins mabl Plugin stores credentials unencrypted in job 
config.xml f ...)
-       TODO: check
+       NOT-FOR-US: Jenkins mabl Plugin
 CVE-2019-10282 (Jenkins Klaros-Testmanagement Plugin stores credentials 
unencrypted in ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Klaros-Testmanagement Plugin
 CVE-2019-10281 (Jenkins Relution Enterprise Appstore Publisher Plugin stores 
credentia ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Relution Enterprise Appstore Publisher Plugin
 CVE-2019-10280 (Jenkins Assembla Auth Plugin stores credentials unencrypted in 
the glo ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Assembla Auth Plugin
 CVE-2019-10279 (A missing permission check in Jenkins jenkins-reviewbot Plugin 
in the  ...)
-       TODO: check
+       NOT-FOR-US: Jenkins jenkins-reviewbot Plugin
 CVE-2019-10278 (A cross-site request forgery vulnerability in Jenkins 
jenkins-reviewbo ...)
-       TODO: check
+       NOT-FOR-US: Jenkins jenkins-reviewbot Plugin
 CVE-2019-10277 (Jenkins StarTeam Plugin stores credentials unencrypted in job 
config.x ...)
-       TODO: check
+       NOT-FOR-US: Jenkins StarTeam Plugin
 CVE-2019-XXXX [insecure handling of /tmp/VMwareDnD]
        - open-vm-tools 2:10.3.10-1 (bug #925959; unimportant)
        NOTE: 
https://github.com/vmware/open-vm-tools/commit/e88f91b00a715b79255de6576506d80ecfdb064c
@@ -1346,7 +1346,7 @@ CVE-2019-10275
 CVE-2019-10274
        RESERVED
 CVE-2019-10273 (Information leakage vulnerability in the /mc login page in 
ManageEngin ...)
-       TODO: check
+       NOT-FOR-US: ManageEngine ServiceDesk Plus
 CVE-2019-10272
        RESERVED
 CVE-2019-10271



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6a140fb29932e14925c35ac514a0e260f7f23d33

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6a140fb29932e14925c35ac514a0e260f7f23d33
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits