Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
000a3edd by Moritz Muehlenhoff at 2019-09-05T10:53:29Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -537,7 +537,7 @@ CVE-2019-15717 (Irssi 1.2.x before 1.2.2 has a
use-after-free if the IRC server
NOTE: https://irssi.org/security/irssi_sa_2019_08.txt
NOTE:
https://github.com/irssi/irssi/commit/5a4e7ab659aba2855895c9f43e9a7a131f4e89b3
CVE-2019-15716 (WTF before 0.19.0 does not set the permissions of config.yml,
which mi ...)
- TODO: check
+ NOT-FOR-US: wtfutil
CVE-2019-15715
RESERVED
CVE-2019-15714 (cli/lib/main.js in Entropic before 2019-06-13 does not reject
/ and \ ...)
@@ -824,7 +824,7 @@ CVE-2019-15632
CVE-2019-15631
RESERVED
CVE-2019-15630 (Directory Traversal in APIkit, HTTP connector, and OAuth2
Provider com ...)
- TODO: check
+ NOT-FOR-US: Mulesoft
CVE-2019-15629
RESERVED
CVE-2019-15628
@@ -17648,17 +17648,17 @@ CVE-2019-9936 (In SQLite 3.27.2, running fts5 prefix
queries inside a transactio
[jessie] - sqlite3 <no-dsa> (Minor issue)
NOTE: https://sqlite.org/src/info/b3fa58dd7403dbd4
CVE-2019-9935 (Various Lexmark products have Incorrect Access Control (issue 2
of 2). ...)
- TODO: check
+ NOT-FOR-US: Lexmark
CVE-2019-9934 (Various Lexmark products have Incorrect Access Control (issue 1
of 2). ...)
- TODO: check
+ NOT-FOR-US: Lexmark
CVE-2019-9933 (Various Lexmark products have a Buffer Overflow (issue 3 of 3).
...)
- TODO: check
+ NOT-FOR-US: Lexmark
CVE-2019-9932 (Various Lexmark products have a Buffer Overflow (issue 2 of 3).
...)
- TODO: check
+ NOT-FOR-US: Lexmark
CVE-2019-9931 (Various Lexmark printers contain a denial of service
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Lexmark
CVE-2019-9930 (Various Lexmark products have an Integer Overflow. ...)
- TODO: check
+ NOT-FOR-US: Lexmark
CVE-2019-9929 (Northern.tech CFEngine Enterprise 3.12.1 has Insecure
Permissions. ...)
- cfengine3 <not-affected> (Issue only affecting CFEngine Enterprise
3.x version)
NOTE: Issue is specific to Enterprise version leaking CFE_ROBOT user
secrets on
@@ -19239,7 +19239,7 @@ CVE-2019-9699
CVE-2019-9698 (Symantec AV Engine, prior to 13.0.9r17, may be susceptible to
an arbit ...)
NOT-FOR-US: Symantec
CVE-2019-9697 (An information disclosure vulnerability in the Management
Center (MC) ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2019-9696 (Symantec VIP Enterprise Gateway (all versions) may be
susceptible to a ...)
NOT-FOR-US: Symantec
CVE-2019-9695 (Norton Core prior to v278 may be susceptible to an arbitrary
code exec ...)
@@ -24534,9 +24534,9 @@ CVE-2019-7596
CVE-2019-7595
RESERVED
CVE-2019-7594 (Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to
9.0 mak ...)
- TODO: check
+ NOT-FOR-US: Metasys ADS/ADX
CVE-2019-7593 (Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to
9.0 mak ...)
- TODO: check
+ NOT-FOR-US: Metasys ADS/ADX
CVE-2019-7592
RESERVED
CVE-2019-7591
@@ -25432,7 +25432,7 @@ CVE-2019-7308 (kernel/bpf/verifier.c in the Linux
kernel before 4.20.6 performs
NOTE: Fixed by:
https://git.kernel.org/linus/979d63d50c0c0f7bc537bf821e056cc9fe5abd38
NOTE: Fixed by:
https://git.kernel.org/linus/d3bd7413e0ca40b60cf60d4003246d067cafdeda
CVE-2019-7307 (Apport before versions 2.14.1-0ubuntu3.29+esm1,
2.20.1-0ubuntu2.19, 2. ...)
- TODO: check
+ NOT-FOR-US: Apport
CVE-2019-7306 [Apport hook may expose sensitive information]
RESERVED
- byobu <unfixed> (unimportant)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/000a3edd4d2b6a090d474a7dec0ed000283f696a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/000a3edd4d2b6a090d474a7dec0ed000283f696a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
