[Git][security-tracker-team/security-tracker][master] new linux issue

Moritz Muehlenhoff Tue, 22 Oct 2019 00:56:07 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d4efe2ea by Moritz Muehlenhoff at 2019-10-22T07:55:20Z
new linux issue
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2019-18225 (An issue was discovered in Citrix Application Delivery 
Controller (ADC ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2019-18224 (idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 
has a hea ...)
        TODO: check
 CVE-2019-18223
@@ -47,7 +47,7 @@ CVE-2019-18205
 CVE-2019-18204
        RESERVED
 CVE-2019-18203 (On the RICOH MP 501 printer, HTML Injection and Stored XSS 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Ricoh
 CVE-2019-18202 (Information Disclosure is possible on WAGO Series PFC100 and 
PFC200 de ...)
        NOT-FOR-US: WAGO Series PFC100 and PFC200 devices
 CVE-2019-18201
@@ -3849,33 +3849,33 @@ CVE-2019-16994 (In the Linux kernel before 5.0, a 
memory leak exists in sit_init
 CVE-2019-16992 (The Keybase app 2.13.2 for iOS provides potentially 
insufficient notic ...)
        NOT-FOR-US: Keybase
 CVE-2019-16991 (In FusionPBX up to v4.5.7, the file app\edit\filedelete.php 
uses an un ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16990 (In FusionPBX up to v4.5.7, the file 
app/music_on_hold/music_on_hold.ph ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16989 (In FusionPBX up to v4.5.7, the file 
app\conferences_active\conference_ ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16988 (In FusionPBX up to v4.5.7, the file 
app\basic_operator_panel\resources ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16987 (In FusionPBX up to v4.5.7, the file 
app\contacts\contact_import.php us ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16986 (In FusionPBX up to v4.5.7, the file resources\download.php 
uses an uns ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16985 (In FusionPBX up to v4.5.7, the file 
app\xml_cdr\xml_cdr_delete.php use ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16984 (In FusionPBX up to v4.5.7, the file 
app\recordings\recording_play.php  ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16983 (In FusionPBX up to v4.5.7, the file resources\paging.php has a 
paging  ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16982 (In FusionPBX up to v4.5.7, the file 
app\access_controls\access_control ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16981 (In FusionPBX up to v4.5.7, the file 
app\conference_profiles\conference ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16980 (In FusionPBX up to v4.5.7, the file 
app\call_broadcast\call_broadcast_ ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16979 (In FusionPBX up to v4.5.7, the file 
app\contacts\contact_urls.php uses ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16978 (In FusionPBX up to v4.5.7, the file 
app\devices\device_settings.php us ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16977
        RESERVED
 CVE-2019-16976
@@ -3899,11 +3899,11 @@ CVE-2019-16968
 CVE-2019-16967
        RESERVED
 CVE-2019-16966 (An issue was discovered in Contactmanager 13.x before 
13.0.45.3, 14.x  ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16965 (resources/cmd.php in FusionPBX up to 4.5.7 suffers from a 
command inje ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16964 (app/call_centers/cmd.php in the Call Center Queue Module in 
FusionPBX  ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2019-16963
        RESERVED
 CVE-2019-16962
@@ -5069,7 +5069,7 @@ CVE-2019-16532 (An HTTP Host header injection 
vulnerability exists in YzmCMS V5.
 CVE-2019-16531 (LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated 
by chan ...)
        NOT-FOR-US: LayerBB
 CVE-2019-16530 (Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x 
before 3. ...)
-       TODO: check
+       NOT-FOR-US: Sonatype
 CVE-2019-16529
        RESERVED
        NOT-FOR-US: CheckUser extension for MediawWiki
@@ -27200,7 +27200,7 @@ CVE-2019-9493
 CVE-2019-9492 (A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 
SP1 an ...)
        NOT-FOR-US: Trend Micro
 CVE-2019-9491 (Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and 
below  ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2019-9490 (A vulnerability in Trend Micro InterScan Web Security Virtual 
Applianc ...)
        NOT-FOR-US: Trend Micro InterScan Web Security Virtual Appliance
 CVE-2019-9489 (A directory traversal vulnerability in Trend Micro Apex One, 
OfficeSca ...)
@@ -46807,7 +46807,8 @@ CVE-2019-2217
 CVE-2019-2216
        RESERVED
 CVE-2019-2215 (A use-after-free in binder.c allows an elevation of privilege 
from an  ...)
-       TODO: check
+       - linux 4.16.5-1
+       NOTE: Fixed by: 
https://git.kernel.org/linus/f5cb779ba16334b45ba8946d6bfa6d9834d1527f
 CVE-2019-2214
        RESERVED
 CVE-2019-2213



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d4efe2ea958edb08fe3f7aaa1b62267fe4df9e1a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d4efe2ea958edb08fe3f7aaa1b62267fe4df9e1a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] new linux issue

Reply via email to