[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Tue, 23 Jul 2019 13:29:02 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
038f165c by Salvatore Bonaccorso at 2019-07-23T20:27:45Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2,7 +2,7 @@ CVE-2019-14241 (HAProxy through 2.0.2 allows attackers to cause 
a denial of serv
        - haproxy <not-affected> (Vulnerable code not present)
        NOTE: https://github.com/haproxy/haproxy/issues/181
 CVE-2019-14240 (WCMS v0.3.2 has a CSRF vulnerability, with resultant directory 
travers ...)
-       TODO: check
+       NOT-FOR-US: WCMS
 CVE-2019-14239
        RESERVED
 CVE-2019-14238
@@ -12137,7 +12137,7 @@ CVE-2019-1010222 (aubio 0.4.8 and earlier is affected 
by: null pointer. The impa
        - aubio 0.4.9-1
        NOTE: 
https://github.com/aubio/aubio/commit/eda95c9c22b4f0b466ae94c4708765eaae6e709e 
(0.4.9)
 CVE-2019-1010221 (LineageOS 16.0 and earlier is affected by: Incorrect Access 
Control. T ...)
-       TODO: check
+       NOT-FOR-US: LineageOS
 CVE-2019-1010220 (tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer 
Over-read. T ...)
        TODO: check
 CVE-2019-1010219
@@ -12161,7 +12161,7 @@ CVE-2019-1010211
 CVE-2019-1010210
        RESERVED
 CVE-2019-1010209 (GoUrl.io GoURL Wordpress Plugin 1.4.13 and earlier is 
affected by: CWE ...)
-       TODO: check
+       NOT-FOR-US: GoUrl.io GoURL Wordpress Plugin
 CVE-2019-1010208 (IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 
(Veracryp ...)
        TODO: check
 CVE-2019-1010207 (Genetechsolutions Pie Register 3.0.15 is affected by: Cross 
Site Scrip ...)
@@ -12267,23 +12267,23 @@ CVE-2019-1010158
 CVE-2019-1010157
        RESERVED
 CVE-2019-1010156 (D-Link DSL-2750U Firmware 1.11 is affected by: 
Authentication Bypass.  ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2019-1010155 (D-Link DSL-2750U 1.11 is affected by: Authentication Bypass. 
The impac ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2019-1010154
        RESERVED
 CVE-2019-1010153 (zzcms 8.3 and earlier is affected by: SQL Injection. The 
impact is: sq ...)
-       TODO: check
+       NOT-FOR-US: zzcms
 CVE-2019-1010152 (zzcms 8.3 and earlier is affected by: File Delete to Code 
Execution. T ...)
-       TODO: check
+       NOT-FOR-US: zzcms
 CVE-2019-1010151 (zzcms zzmcms 8.3 and earlier is affected by: File Delete to 
getshell.  ...)
        NOT-FOR-US: zzcms
 CVE-2019-1010150 (zzcms 8.3 and earlier is affected by: File Delete to Code 
Execution. T ...)
-       TODO: check
+       NOT-FOR-US: zzcms
 CVE-2019-1010149 (zzcms version 8.3 and earlier is affected by: File Delete to 
Code Exec ...)
-       TODO: check
+       NOT-FOR-US: zzcms
 CVE-2019-1010148 (zzcms version 8.3 and earlier is affected by: SQL Injection. 
The impac ...)
-       TODO: check
+       NOT-FOR-US: zzcms
 CVE-2019-1010147
        RESERVED
 CVE-2019-1010146
@@ -12334,9 +12334,9 @@ CVE-2019-1010126
 CVE-2019-1010125
        RESERVED
 CVE-2019-1010124 (WebAppick WooCommerce Product Feed 2.2.18 and earlier is 
affected by:  ...)
-       TODO: check
+       NOT-FOR-US: WebAppick WooCommerce Product Feed
 CVE-2019-1010123 (MODX Revolution Gallery 1.7.0 is affected by: CWE-434: 
Unrestricted Up ...)
-       TODO: check
+       NOT-FOR-US: MODX Revolution Gallery
 CVE-2019-1010122
        RESERVED
 CVE-2019-1010121
@@ -41049,21 +41049,21 @@ CVE-2018-18678
 CVE-2018-18677
        RESERVED
 CVE-2018-18676 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
-       TODO: check
+       NOT-FOR-US: GNU Board
 CVE-2018-18675 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
-       TODO: check
+       NOT-FOR-US: GNU Board
 CVE-2018-18674
        RESERVED
 CVE-2018-18673 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
-       TODO: check
+       NOT-FOR-US: GNU Board
 CVE-2018-18672 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
-       TODO: check
+       NOT-FOR-US: GNU Board
 CVE-2018-18671 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
-       TODO: check
+       NOT-FOR-US: GNU Board
 CVE-2018-18670 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
-       TODO: check
+       NOT-FOR-US: GNU Board
 CVE-2018-18669 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
-       TODO: check
+       NOT-FOR-US: GNU Board
 CVE-2018-18668
        RESERVED
 CVE-2018-18667 (The mintToken function of Pylon (PYLNT) aka PylonToken, an 
Ethereum to ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/038f165c83c0a121d698e9098238cec2b9bd1688

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/038f165c83c0a121d698e9098238cec2b9bd1688
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to