Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4c7c2bea by Moritz Muehlenhoff at 2019-10-23T10:47:14Z
NFUs
take firefox
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -2595,23 +2595,23 @@ CVE-2015-9503
CVE-2015-9502
RESERVED
CVE-2015-9501 (The Artificial Intelligence theme before 1.2.4 for WordPress
has XSS b ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-9500 (The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has
XSS via ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-9499 (The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code
execut ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-9498 (The wps-hide-login plugin before 1.1 for WordPress has CSRF
that affec ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-9497 (The ad-inserter plugin before 1.5.3 for WordPress has CSRF with
result ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-9496 (The freshmail-newsletter plugin before 1.6 for WordPress has
shortcode ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-9495 (The syndication-links plugin before 1.0.3 for WordPress has XSS
via th ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-9494 (The indieweb-post-kinds plugin before 1.3.1.1 for WordPress has
XSS vi ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-9493 (The my-wish-list plugin before 1.4.2 for WordPress has multiple
XSS is ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2019-17547 (In ImageMagick before 7.0.8-62, TraceBezier in
MagickCore/draw.c has a ...)
- imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537
@@ -3996,11 +3996,11 @@ CVE-2019-16975
CVE-2019-16974 (In FusionPBX up to 4.5.7, the file
app\contacts\contact_times.php uses ...)
NOT-FOR-US: FusionPBX
CVE-2019-16973 (In FusionPBX up to 4.5.7, the file
app\contacts\contact_edit.php uses ...)
- TODO: check
+ NOT-FOR-US: FusionPBX
CVE-2019-16972 (In FusionPBX up to 4.5.7, the file
app\contacts\contact_addresses.php ...)
- TODO: check
+ NOT-FOR-US: FusionPBX
CVE-2019-16971 (In FusionPBX up to 4.5.7, the file
app\messages\messages_thread.php us ...)
- TODO: check
+ NOT-FOR-US: FusionPBX
CVE-2019-16970 (In FusionPBX up to 4.5.7, the file
app\sip_status\sip_status.php uses ...)
NOT-FOR-US: FusionPBX
CVE-2019-16969 (In FusionPBX up to 4.5.7, the file
app\fifo_list\fifo_interactive.php ...)
@@ -30953,7 +30953,7 @@ CVE-2019-8091
CVE-2019-8090
RESERVED
CVE-2019-8089 (Adobe Experience Manager Forms versions 6.3-6.5 have a
reflected cross ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2019-8088
RESERVED
CVE-2019-8087
=====================================
data/dsa-needed.txt
=====================================
@@ -21,7 +21,7 @@ curl (ghedo)
--
evince/oldstable
--
-firefox-esr
+firefox-esr (jmm)
--
freeimage (hle)
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4c7c2bea1026d18e526cc5586da5307181969d32
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4c7c2bea1026d18e526cc5586da5307181969d32
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
