Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f028b312 by Salvatore Bonaccorso at 2019-04-07T20:20:20Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,9 +9,9 @@ CVE-2019-10910
CVE-2019-10909
RESERVED
CVE-2019-10908 (In Airsonic 10.2.1, RecoverController.java generates passwords
via org ...)
- TODO: check
+ NOT-FOR-US: Airsonic
CVE-2019-10907 (Airsonic 10.2.1 uses Spring's default remember-me mechanism
based on M ...)
- TODO: check
+ NOT-FOR-US: Airsonic
CVE-2019-10906 (In Pallets Jinja before 2.10.1, str.format_map allows a
sandbox escape ...)
- jinja2 <unfixed> (bug #926602)
NOTE: https://palletsprojects.com/blog/jinja-2-10-1-released/
@@ -369,7 +369,7 @@ CVE-2019-10743
CVE-2019-10742
RESERVED
CVE-2019-10741 (K-9 Mail v5.600 can include the original quoted HTML code of a
special ...)
- TODO: check
+ NOT-FOR-US: K-9 Mail
CVE-2019-10740 (In Roundcube Webmail 1.3.4, an attacker in possession of
S/MIME or PGP ...)
TODO: check
CVE-2019-10739
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f028b31276ae8f112f9be3bc1e4fe99af0509bce
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f028b31276ae8f112f9be3bc1e4fe99af0509bce
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
