[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Wed, 17 Jul 2019 03:18:16 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a8ba97cc by Moritz Muehlenhoff at 2019-07-17T10:17:13Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,10 @@
 CVE-2019-13625 (NSA Ghidra before 9.0.1 allows XXE when a project is opened or 
restore ...)
+       - ghidra <itp> (bug #923851)
        TODO: check
 CVE-2019-13624 (In ONOS 1.15.0, 
apps/yang/web/src/main/java/org/onosproject/yang/web/Y ...)
-       TODO: check
+       NOT-FOR-US: ONOS
 CVE-2019-13623 (In NSA Ghidra through 9.0.4, path traversal can occur in 
RestoreTask.j ...)
-       TODO: check
+       - ghidra <itp> (bug #923851)
 CVE-2019-13622
        RESERVED
 CVE-2019-13621
@@ -30,7 +31,7 @@ CVE-2019-13614
 CVE-2019-13613
        RESERVED
 CVE-2019-13612 (MDaemon Email Server 19 skips SpamAssassin checks by default 
for e-mai ...)
-       TODO: check
+       NOT-FOR-US: MDaemon Email Server
 CVE-2019-13611 (An issue was discovered in python-engineio through 3.8.2. 
There is a C ...)
        - python-engineio <unfixed>
        NOTE: https://github.com/miguelgrinberg/python-engineio/issues/128
@@ -10683,23 +10684,23 @@ CVE-2019-1010299 (The Rust Programming Language 
Standard Library 1.18.0 and late
        NOTE: https://github.com/rust-lang/rust/issues/53566
        NOTE: 
https://github.com/rust-lang/rust/pull/53571/commits/b85e4cc8fadaabd41da5b9645c08c68b8f89908d
 CVE-2019-1010298 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Buffer Overflow ...)
-       TODO: check
+       NOT-FOR-US: Linaro/OP-TEE OP-TEE
 CVE-2019-1010297 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Buffer Overflow ...)
-       TODO: check
+       NOT-FOR-US: Linaro/OP-TEE OP-TEE
 CVE-2019-1010296 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Buffer Overflow ...)
-       TODO: check
+       NOT-FOR-US: Linaro/OP-TEE OP-TEE
 CVE-2019-1010295 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Buffer Overflow ...)
-       TODO: check
+       NOT-FOR-US: Linaro/OP-TEE OP-TEE
 CVE-2019-1010294 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Rounding error. ...)
-       TODO: check
+       NOT-FOR-US: Linaro/OP-TEE OP-TEE
 CVE-2019-1010293 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Boundary crossi ...)
-       TODO: check
+       NOT-FOR-US: Linaro/OP-TEE OP-TEE
 CVE-2019-1010292 (Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: 
Boundary  ...)
-       TODO: check
+       NOT-FOR-US: Linaro/OP-TEE OP-TEE
 CVE-2019-1010291
        RESERVED
 CVE-2019-1010290 (Babel: Multilingual site Babel All is affected by: Open 
Redirection. T ...)
-       TODO: check
+       NOT-FOR-US: Babel: Multilingual
 CVE-2019-1010289
        RESERVED
 CVE-2019-1010288
@@ -11199,7 +11200,7 @@ CVE-2019-1010046
 CVE-2019-1010045
        RESERVED
 CVE-2019-1010044 (borg-reducer c6d5240 is affected by: Buffer Overflow. The 
impact is: P ...)
-       TODO: check
+       NOT-FOR-US: borg-reducer
 CVE-2019-1010043 (Quake3e &lt; 5ed740d is affected by: Buffer Overflow. The 
impact is: P ...)
        TODO: check
 CVE-2019-1010042
@@ -11212,7 +11213,7 @@ CVE-2019-1010040
 CVE-2019-1010039 (uLaunchELF &lt; commit 170827a is affected by: Buffer 
Overflow. The im ...)
        NOT-FOR-US: uLaunchELF
 CVE-2019-1010038 (OpenModelica OMCompiler is affected by: Buffer Overflow. The 
impact is ...)
-       TODO: check
+       NOT-FOR-US: OpenModelica OMCompiler
 CVE-2019-1010037
        RESERVED
 CVE-2019-1010036
@@ -26780,7 +26781,7 @@ CVE-2019-3572 (An issue was discovered in libming 
0.4.8. There is a heap-based b
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/169
 CVE-2019-3571 (An input validation issue affected WhatsApp Desktop versions 
prior to  ...)
-       TODO: check
+       NOT-FOR-US: WhatsApp Desktop
 CVE-2019-3570
        RESERVED
        - hhvm <removed>
@@ -34200,7 +34201,7 @@ CVE-2018-19631
 CVE-2018-19630 (cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and 
LEDE throu ...)
        NOT-FOR-US: uhttpd (in OpenWRT and LEDE)
 CVE-2018-19629 (A Denial of Service vulnerability in the ImageNow Server 
service in Hy ...)
-       TODO: check
+       NOT-FOR-US: Hyland Perceptive Content Server 
 CVE-2018-19628 (In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could 
crash. Thi ...)
        {DSA-4359-1}
        - wireshark 2.6.5-1
@@ -35204,7 +35205,7 @@ CVE-2019-1074 (An elevation of privilege vulnerability 
exists in Microsoft Windo
 CVE-2019-1073 (An information disclosure vulnerability exists when the Windows 
kernel ...)
        NOT-FOR-US: Microsoft
 CVE-2019-1072 (A remote code execution vulnerability exists when Azure DevOps 
Server  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1071 (An information disclosure vulnerability exists when the Windows 
kernel ...)
        NOT-FOR-US: Microsoft
 CVE-2019-1070
@@ -35427,7 +35428,7 @@ CVE-2019-0964
 CVE-2019-0963 (A cross-site-scripting (XSS) vulnerability exists when 
Microsoft Share ...)
        NOT-FOR-US: Microsoft
 CVE-2019-0962 (An elevation of privilege vulnerability exists in Azure 
Automation "Ru ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0961 (An information disclosure vulnerability exists when the Windows 
GDI co ...)
        NOT-FOR-US: Microsoft
 CVE-2019-0960 (An elevation of privilege vulnerability exists in Windows when 
the Win ...)
@@ -35621,7 +35622,7 @@ CVE-2019-0867 (A Cross-site Scripting (XSS) 
vulnerability exists when Azure DevO
 CVE-2019-0866 (A Cross-site Scripting (XSS) vulnerability exists when Azure 
DevOps Se ...)
        NOT-FOR-US: Microsoft
 CVE-2019-0865 (A denial of service vulnerability exists when SymCrypt 
improperly hand ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0864 (A denial of service vulnerability exists when .NET Framework 
improperl ...)
        NOT-FOR-US: .NET Framework
 CVE-2019-0863 (An elevation of privilege vulnerability exists in the way 
Windows Erro ...)
@@ -53317,7 +53318,7 @@ CVE-2018-13444 (An issue was discovered in SeaCMS 6.61. 
There is a CSRF vulnerab
 CVE-2018-13443 (EOS.IO jit-wasm 4.1 has a heap-based buffer overflow via a 
crafted was ...)
        NOT-FOR-US: EOS.IO jit-wasm
 CVE-2018-13442 (SolarWinds Network Performance Monitor 12.3 allows SQL 
Injection via t ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds Network Performance Monitor
 CVE-2018-13441 (qh_help in Nagios Core version 4.4.1 and earlier is prone to a 
NULL po ...)
        - nagios4 4.3.4-3 (low; bug #917160)
        NOTE: 
https://gist.github.com/fakhrizulkifli/8df4a174158df69ebd765f824bd736b8



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8ba97cc426fbfe7b6633a2e7e321666cec8d999

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8ba97cc426fbfe7b6633a2e7e321666cec8d999
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to