[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Wed, 02 Oct 2019 12:40:39 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
654a22d8 by Salvatore Bonaccorso at 2019-10-02T19:39:39Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34,7 +34,7 @@ CVE-2019-17065
 CVE-2019-17064 (Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because 
Catalog ...)
        TODO: check
 CVE-2019-17063 (In Snowtide PDFxStream before 3.7.1 (for Java), a crafted PDF 
file can ...)
-       TODO: check
+       NOT-FOR-US: Snowtide PDFxStream
 CVE-2019-17062
        RESERVED
 CVE-2019-17061
@@ -172,7 +172,7 @@ CVE-2019-17001
 CVE-2019-17000
        RESERVED
 CVE-2019-16999 (CloudBoot through 2019-03-08 allows SQL Injection via a 
crafted Status ...)
-       TODO: check
+       NOT-FOR-US: CloudBoot
 CVE-2019-16998
        RESERVED
 CVE-2019-16997 (In Metinfo 7.0.0beta, a SQL Injection was discovered in 
app/system/lan ...)
@@ -180,7 +180,7 @@ CVE-2019-16997 (In Metinfo 7.0.0beta, a SQL Injection was 
discovered in app/syst
 CVE-2019-16996 (In Metinfo 7.0.0beta, a SQL Injection was discovered in 
app/system/pro ...)
        NOT-FOR-US: Metinfo
 CVE-2017-18636 (CDG through 2017-01-01 allows 
downloadDocument.jsp?command=download&am ...)
-       TODO: check
+       NOT-FOR-US: CDG
 CVE-2019-16995 (In the Linux kernel before 5.0.3, a memory leak exits in 
hsr_dev_final ...)
        - linux 4.19.37-1
        [stretch] - linux 4.9.168-1
@@ -971,9 +971,9 @@ CVE-2019-16686 (Dolibarr 9.0.5 has stored XSS in a User 
Note section to note.php
 CVE-2019-16685 (Dolibarr 9.0.5 has stored XSS vulnerability via a User Group 
Descripti ...)
        - dolibarr <removed>
 CVE-2019-16684 (An issue was discovered in the image-manager in Xoops 2.5.10. 
When any ...)
-       TODO: check
+       NOT-FOR-US: Xoops
 CVE-2019-16683 (An issue was discovered in the image-manager in Xoops 2.5.10. 
When the ...)
-       TODO: check
+       NOT-FOR-US: Xoops
 CVE-2019-16682
        RESERVED
 CVE-2018-21018 (Mastodon before 2.6.3 mishandles timeouts of incompletely 
established  ...)
@@ -1418,7 +1418,7 @@ CVE-2019-16510 (libIEC61850 through 1.3.3 has a 
use-after-free in MmsServer_wait
 CVE-2019-16509
        RESERVED
 CVE-2019-16508 (The Imagination Technologies driver for Chrome OS before 
R74-11895.B,  ...)
-       TODO: check
+       NOT-FOR-US: Imagination Technologies driver for Chrome OS
 CVE-2019-16507
        RESERVED
 CVE-2019-16506
@@ -2973,7 +2973,7 @@ CVE-2019-15941 (OpenID Connect Issuer in LemonLDAP::NG 
2.x through 2.0.5 may all
        NOTE: were added only in 2.0 the vulnerability has no effect. The 
vulnerability
        NOTE: itself exists only with versions >= 1.9.0 (as there is no OIDC 
before)
 CVE-2019-15940 (Victure PC530 devices allow unauthenticated TELNET access as 
root. ...)
-       TODO: check
+       NOT-FOR-US: Victure PC530 devices
 CVE-2019-15939 (An issue was discovered in OpenCV 4.1.0. There is a 
divide-by-zero err ...)
        TODO: check
 CVE-2019-15938 (Pengutronix barebox through 2019.08.1 has a remote buffer 
overflow in  ...)
@@ -5660,21 +5660,21 @@ CVE-2019-15044
 CVE-2019-15043 (In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API 
allow u ...)
        - grafana <removed>
 CVE-2019-15042 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had 
no SSL  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2019-15041 (JetBrains YouTrack versions before 2019.1.52545 allowed 
unbounded URL  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2019-15040
        RESERVED
 CVE-2019-15039 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had 
a possi ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2019-15038 (An issue was discovered in JetBrains TeamCity 2018.2.4. The 
TeamCity s ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2019-15037
        RESERVED
 CVE-2019-15036
        RESERVED
 CVE-2019-15035 (An issue was discovered in JetBrains TeamCity 2018.2.4. A 
TeamCity Pro ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2019-15034
        RESERVED
 CVE-2019-15033 (Pydio 6.0.8 allows Authenticated SSRF during a Remote Link 
Feature dow ...)
@@ -5915,25 +5915,25 @@ CVE-2019-14963
 CVE-2019-14962
        RESERVED
 CVE-2019-14961 (JetBrains Upsource before 2019.1.1412 was not properly 
escaping HTML t ...)
-       TODO: check
+       NOT-FOR-US: JetBrains Upsource
 CVE-2019-14960 (JetBrains Rider before 2019.1.2 was using an unsigned 
JetBrains.Rider. ...)
-       TODO: check
+       NOT-FOR-US: JetBrains Rider
 CVE-2019-14959
        RESERVED
 CVE-2019-14958
        RESERVED
 CVE-2019-14957 (The JetBrains Vim plugin before version 0.52 was storing 
individual pr ...)
-       TODO: check
+       NOT-FOR-US: JetBrains Vim plugin
 CVE-2019-14956
        RESERVED
 CVE-2019-14955 (In JetBrains Hub versions earlier than 2018.4.11436, there was 
no opti ...)
-       TODO: check
+       NOT-FOR-US: JetBrains Hub
 CVE-2019-14954 (JetBrains IntelliJ IDEA before 2019.2 was resolving the 
markdown plant ...)
-       TODO: check
+       NOT-FOR-US: JetBrains IntelliJ IDEA
 CVE-2019-14953 (JetBrains YouTrack versions before 2019.2.53938 had a possible 
XSS thr ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2019-14952 (JetBrains YouTrack versions before 2019.1.52584 had a possible 
XSS in  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2019-14951 (The Telenav Scout GPS Link app 1.x for iOS, as used with 
Toyota and Le ...)
        NOT-FOR-US: Telenav Scout GPS Link app
 CVE-2019-14950 (The wp-live-chat-support plugin before 8.0.27 for WordPress 
has XSS vi ...)
@@ -26501,15 +26501,15 @@ CVE-2019-8294
 CVE-2019-8293
        RESERVED
 CVE-2019-8292 (Online Store System v1.0 delete_product.php doesn't check to 
see if a  ...)
-       TODO: check
+       NOT-FOR-US: Online Store System
 CVE-2019-8291 (Online Store System v1.0 delete_file.php doesn't check to see 
if a use ...)
-       TODO: check
+       NOT-FOR-US: Online Store System
 CVE-2019-8290 (Vulnerability in Online Store v1.0, The registration form 
requirements ...)
-       TODO: check
+       NOT-FOR-US: Online Store System
 CVE-2019-8289 (Vulnerability in Online Store v1.0, stored XSS in 
admin/user_view.php  ...)
-       TODO: check
+       NOT-FOR-US: Online Store System
 CVE-2019-8288 (Vulnerability in Online Store v1.0, Stored XSS in user_view.php 
where  ...)
-       TODO: check
+       NOT-FOR-US: Online Store System
 CVE-2019-8287
        RESERVED
 CVE-2019-8286 (Information Disclosure in Kaspersky Anti-Virus, Kaspersky 
Internet Sec ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/654a22d8b1e1b3cc429b7dad1d6fafcb5c72f4a7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/654a22d8b1e1b3cc429b7dad1d6fafcb5c72f4a7
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to