[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Thu, 02 Jan 2020 12:22:50 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2107fef2 by Salvatore Bonaccorso at 2020-01-02T21:21:50+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,11 +13,11 @@ CVE-2020-5195
 CVE-2020-5194
        RESERVED
 CVE-2019-20225 (MyBB before 1.8.22 allows an open redirect on login. ...)
-       TODO: check
+       NOT-FOR-US: MyBB
 CVE-2013-7486 (Cross-site scripting (XSS) vulnerability in the backend in 
Open-Xchang ...)
-       TODO: check
+       NOT-FOR-US: Open-Xchange App Suite
 CVE-2013-7485 (Cross-site scripting (XSS) vulnerability in the backend in 
Open-Xchang ...)
-       TODO: check
+       NOT-FOR-US: Open-Xchange App Suite
 CVE-2020-5193
        RESERVED
 CVE-2020-5192
@@ -57,7 +57,7 @@ CVE-2019-20221 (In Support Incident Tracker (SiT!) 3.67, Load 
Plugins input in t
 CVE-2019-20220 (In Support Incident Tracker (SiT!) 3.67, the search_id 
parameter in th ...)
        NOT-FOR-US: Support Incident Tracker
 CVE-2019-20219 (ngiflib 0.4 has a heap-based buffer over-read in 
GifIndexToTrueColor i ...)
-       TODO: check
+       NOT-FOR-US: ngiflib
 CVE-2019-20218 (selectExpander in select.c in SQLite 3.30.1 proceeds with WITH 
stack u ...)
        - sqlite3 3.30.1+fossil191229-1
        NOTE: Fixed by: 
https://github.com/sqlite/sqlite/commit/a6c1a71cde082e09750465d5675699062922e387
@@ -242796,7 +242796,7 @@ CVE-2014-4555 (Cross-site scripting (XSS) 
vulnerability in fonts/font-form.php i
 CVE-2014-4554 (Cross-site scripting (XSS) vulnerability in 
templates/download.php in  ...)
        NOT-FOR-US: WordPress plugin SS Downloads
 CVE-2014-4553 (Cross-site Scripting (XSS) in the 
spreadshirt-rss-3d-cube-flash-galler ...)
-       TODO: check
+       NOT-FOR-US: spreadshirt-rss-3d-cube-flash- gallery plugin for WordPress
 CVE-2014-4552 (Cross-site scripting (XSS) vulnerability in 
library/includes/payment/p ...)
        NOT-FOR-US: WordPress plugin Spotlight
 CVE-2014-4551 (Cross-site scripting (XSS) vulnerability in 
diagnostics/test.php in th ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2107fef23490a9bb217e02c7e99d7deb4e9197e9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2107fef23490a9bb217e02c7e99d7deb4e9197e9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to