[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Mon, 22 Jul 2019 13:21:57 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f0233c87 by Salvatore Bonaccorso at 2019-07-22T20:21:07Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3527,15 +3527,15 @@ CVE-2019-13102
 CVE-2019-13101
        RESERVED
 CVE-2019-13100 (The Send Anywhere application 9.4.18 for Android stores 
confidential i ...)
-       TODO: check
+       NOT-FOR-US: Send Anywhere application for Android
 CVE-2019-13099 (The Momo application 2.1.9 for Android stores confidential 
information ...)
-       TODO: check
+       NOT-FOR-US: Momo application for Android
 CVE-2019-13098 (The user password via the registration form of TronLink Wallet 
2.2.0 i ...)
-       TODO: check
+       NOT-FOR-US: TronLink Wallet
 CVE-2019-13097 (The application API of Cat Runner Decorate Home version 2.8.0 
for Andr ...)
-       TODO: check
+       NOT-FOR-US: Cat Runner Decorate Home
 CVE-2019-13096 (TronLink Wallet 2.2.0 stores user wallet keystore in plaintext 
and pla ...)
-       TODO: check
+       NOT-FOR-US: TronLink Wallet
 CVE-2019-13095
        RESERVED
 CVE-2019-13094
@@ -5510,15 +5510,15 @@ CVE-2019-12330
 CVE-2019-12329
        RESERVED
 CVE-2019-12328 (A command injection (missing input validation) issue in the 
remote pho ...)
-       TODO: check
+       NOT-FOR-US: Atcom A10W VoIP phone
 CVE-2019-12327 (Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 
allow a ...)
-       TODO: check
+       NOT-FOR-US: Akuvox R50P VoIP phone
 CVE-2019-12326 (Missing file and path validation in the ringtone upload 
function of th ...)
-       TODO: check
+       NOT-FOR-US: Akuvox R50P VoIP phone
 CVE-2019-12325 (The Htek UC902 VoIP phone web management interface contains 
several bu ...)
-       TODO: check
+       NOT-FOR-US: Htek UC902 VoIP phone
 CVE-2019-12324 (A command injection (missing input validation) issue in the IP 
address ...)
-       TODO: check
+       NOT-FOR-US: Akuvox R50P VoIP phone
 CVE-2019-12323 (The HC.Server service in Hosting Controller HC10 10.14 allows 
an Inval ...)
        NOT-FOR-US: Hosting Controller HC10
 CVE-2019-12322
@@ -12109,17 +12109,17 @@ CVE-2019-1010239 (DaveGamble/cJSON cJSON 1.7.8 is 
affected by: Improper Check fo
 CVE-2019-1010238 (Gnome Pango 1.42 and later is affected by: Buffer Overflow. 
The impact ...)
        TODO: check
 CVE-2019-1010237 (Ilias 5.3 before 5.3.12; 5.2 before 5.2.21 is affected by: 
Cross Site  ...)
-       TODO: check
+       NOT-FOR-US: ILIAS
 CVE-2019-1010236
        RESERVED
 CVE-2019-1010235 (Frog CMS 1.1 is affected by: Cross Site Scripting (XSS). The 
impact is ...)
-       TODO: check
+       NOT-FOR-US: Frog CMS
 CVE-2019-1010234 (The Linux Foundation ONOS 1.15.0 and ealier is affected by: 
Improper I ...)
-       TODO: check
+       NOT-FOR-US: ONOS
 CVE-2019-1010233
        RESERVED
 CVE-2019-1010232 (Juniper juniper/libslax libslax latest version (as of commit 
084ddf6ab ...)
-       TODO: check
+       NOT-FOR-US: Juniper
 CVE-2019-1010231
        RESERVED
 CVE-2019-1010230
@@ -28522,7 +28522,7 @@ CVE-2019-3416
 CVE-2019-3415 (ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path 
traver ...)
        NOT-FOR-US: ZTE
 CVE-2019-3414 (All versions up to V1.19.20.02 of ZTE OTCP product are impacted 
by XSS ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2019-3413 (All versions up to V20.18.40.R7.B1of ZTE NetNumen DAP product 
have an  ...)
        NOT-FOR-US: ZTE
 CVE-2019-3412 (All versions up to BD_R218V2.4 of ZTE MF920 product are 
impacted by co ...)
@@ -32923,7 +32923,7 @@ CVE-2019-2294
 CVE-2019-2293
        RESERVED
 CVE-2019-2292 (Out of bound access can occur due to buffer copy without 
checking size ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2291
        RESERVED
 CVE-2019-2290
@@ -32933,7 +32933,7 @@ CVE-2019-2289
 CVE-2019-2288
        RESERVED
 CVE-2019-2287 (Improper validation for inputs received from firmware can lead 
to an o ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2286
        RESERVED
 CVE-2019-2285
@@ -32949,12 +32949,12 @@ CVE-2019-2281
 CVE-2019-2280
        RESERVED
 CVE-2019-2279 (Shared memory gets updated with invalid data and may lead to 
access be ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2278
        RESERVED
        NOT-FOR-US: Qualcomm components for Android
 CVE-2019-2277 (Out of bound read can happen due to lack of NULL termination on 
user c ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2276
        RESERVED
        NOT-FOR-US: Qualcomm components for Android
@@ -32971,7 +32971,7 @@ CVE-2019-2271
 CVE-2019-2270
        RESERVED
 CVE-2019-2269 (Possible buffer overflow while processing the high level lim 
process a ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2268
        RESERVED
 CVE-2019-2267
@@ -32981,15 +32981,15 @@ CVE-2019-2266
 CVE-2019-2265
        RESERVED
 CVE-2019-2264 (Null pointer dereference occurs for channel context while 
opening glin ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2263
        RESERVED
 CVE-2019-2262
        RESERVED
 CVE-2019-2261 (Unauthorized access from GPU subsystem to HLOS or other non 
secure sub ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2260 (A race condition occurs while processing perf-event which can 
lead to  ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2259 (Resource allocation error while playing the video whose 
dimensions are ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2019-2258
@@ -33025,7 +33025,7 @@ CVE-2019-2245 (Possible integer underflow can happen 
when calculating length of
 CVE-2019-2244 (Possible integer underflow can happen when calculating length 
of eleme ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2019-2243 (Possible buffer overflow at the end of iterating loop while 
getting th ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2242
        RESERVED
 CVE-2019-2241
@@ -53675,13 +53675,13 @@ CVE-2018-13929
 CVE-2018-13928
        RESERVED
 CVE-2018-13927 (Debug policy with invalid signature can be loaded when the 
debug polic ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2018-13926
        RESERVED
 CVE-2018-13925 (Error in parsing PMT table frees the memory allocated for the 
map sect ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-13924 (Lack of check to prevent the buffer length taking negative 
values can  ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2018-13923
        RESERVED
 CVE-2018-13922
@@ -53738,7 +53738,7 @@ CVE-2018-13898 (Out-of-Bounds write due to incorrect 
array index check in PMIC i
 CVE-2018-13897
        RESERVED
 CVE-2018-13896 (XBL_SEC image authentication and other crypto related 
validations are  ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2018-13895 (Due to the missing permissions on several content providers of 
the RCS ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-13894



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0233c874329e09f701a1f74dd67a4dc7ffa1ac2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0233c874329e09f701a1f74dd67a4dc7ffa1ac2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to