[Git][security-tracker-team/security-tracker][master] NFUs

Thu, 10 Sep 2020 08:40:26 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
34dce990 by Moritz Muehlenhoff at 2020-09-10T17:40:02+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -83985,7 +83985,7 @@ CVE-2019-11939 (Golang Facebook Thrift servers would 
not error upon receiving me
        - thrift <unfixed>
        NOTE: 
https://github.com/facebook/fbthrift/commit/483ed864d69f307e9e3b9dadec048216100c0757
 CVE-2019-11938 (Java Facebook Thrift servers would not error upon receiving 
messages d ...)
-       TODO: check
+       NOT-FOR-US: Java Facebook Thrift
 CVE-2019-11937 (In Mcrouter prior to v0.41.0, a large struct input provided to 
the Car ...)
        NOT-FOR-US: mcrouter
        NOTE: https://github.com/facebook/mcrouter/releases
@@ -87472,9 +87472,8 @@ CVE-2019-10755 (The SAML identifier generated within 
SAML2Utils.java was found t
 CVE-2019-10754 (Multiple classes used within Apereo CAS before release 
6.1.0-RC5 makes ...)
        NOT-FOR-US: Apereo Central Authentication Service
 CVE-2019-10753 (In all versions prior to version 3.9.6 for eclipse-wtp, all 
versions p ...)
-       - eclipse-wtp <undetermined>
+       - eclipse-wtp <not-affected> (Does not affect the Debian build/package)
        NOTE: https://snyk.io/vuln/SNYK-JAVA-COMDIFFPLUGSPOTLESS-460377
-       TODO: check
 CVE-2019-10752 (Sequelize, all versions prior to version 4.44.3 and 5.15.1, is 
vulnera ...)
        NOT-FOR-US: sequelize Node module
 CVE-2019-10751 (All versions of the HTTPie package prior to version 1.0.3 are 
vulnerab ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34dce9906e7a289a5eacefcd7d2c10e9fa1433dc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34dce9906e7a289a5eacefcd7d2c10e9fa1433dc
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to