[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Apr 5 20:51:42 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6a140fb2 by Salvatore Bonaccorso at 2019-04-05T19:51:17Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1290,51 +1290,51 @@ CVE-2019-10301
 CVE-2019-10300
 	RESERVED
 CVE-2019-10299 (Jenkins CloudCoreo DeployTime Plugin stores credentials unencrypted in ...)
-	TODO: check
+	NOT-FOR-US: Jenkins CloudCoreo DeployTime Plugin
 CVE-2019-10298 (Jenkins Koji Plugin stores credentials unencrypted in its global confi ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Koji Plugin
 CVE-2019-10297 (Jenkins Sametime Plugin stores credentials unencrypted in its global c ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Sametime Plugin
 CVE-2019-10296 (Jenkins Serena SRA Deploy Plugin stores credentials unencrypted in its ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Serena SRA Deploy Plugin
 CVE-2019-10295 (Jenkins crittercism-dsym Plugin stores credentials unencrypted in job  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins crittercism-dsym Plugin
 CVE-2019-10294 (Jenkins Kmap Plugin stores credentials unencrypted in job config.xml f ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Kmap Plugin
 CVE-2019-10293 (A missing permission check in Jenkins Kmap Plugin in KmapJenkinsBuilde ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Kmap Plugin
 CVE-2019-10292 (A cross-site request forgery vulnerability in Jenkins Kmap Plugin in K ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Kmap Plugin
 CVE-2019-10291 (Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credential ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Netsparker Cloud Scan Plugin
 CVE-2019-10290 (A missing permission check in Jenkins Netsparker Cloud Scan Plugin 1.1 ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Netsparker Cloud Scan Plugin
 CVE-2019-10289 (A cross-site request forgery vulnerability in Jenkins Netsparker Cloud ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Netsparker Cloud Scan Plugin
 CVE-2019-10288 (Jenkins Jabber Server Plugin stores credentials unencrypted in its glo ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Jabber Server Plugin
 CVE-2019-10287 (Jenkins youtrack-plugin Plugin 0.7.1 and older stored credentials unen ...)
-	TODO: check
+	NOT-FOR-US: Jenkins youtrack-plugin Plugin
 CVE-2019-10286 (Jenkins DeployHub Plugin stores credentials unencrypted in job config. ...)
-	TODO: check
+	NOT-FOR-US: Jenkins DeployHub Plugin
 CVE-2019-10285 (Jenkins Minio Storage Plugin stores credentials unencrypted in its glo ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Minio Storage Plugin
 CVE-2019-10284 (Jenkins Diawi Upload Plugin stores credentials unencrypted in job conf ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Diawi Upload Plugin
 CVE-2019-10283 (Jenkins mabl Plugin stores credentials unencrypted in job config.xml f ...)
-	TODO: check
+	NOT-FOR-US: Jenkins mabl Plugin
 CVE-2019-10282 (Jenkins Klaros-Testmanagement Plugin stores credentials unencrypted in ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Klaros-Testmanagement Plugin
 CVE-2019-10281 (Jenkins Relution Enterprise Appstore Publisher Plugin stores credentia ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Relution Enterprise Appstore Publisher Plugin
 CVE-2019-10280 (Jenkins Assembla Auth Plugin stores credentials unencrypted in the glo ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Assembla Auth Plugin
 CVE-2019-10279 (A missing permission check in Jenkins jenkins-reviewbot Plugin in the  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins jenkins-reviewbot Plugin
 CVE-2019-10278 (A cross-site request forgery vulnerability in Jenkins jenkins-reviewbo ...)
-	TODO: check
+	NOT-FOR-US: Jenkins jenkins-reviewbot Plugin
 CVE-2019-10277 (Jenkins StarTeam Plugin stores credentials unencrypted in job config.x ...)
-	TODO: check
+	NOT-FOR-US: Jenkins StarTeam Plugin
 CVE-2019-XXXX [insecure handling of /tmp/VMwareDnD]
 	- open-vm-tools 2:10.3.10-1 (bug #925959; unimportant)
 	NOTE: https://github.com/vmware/open-vm-tools/commit/e88f91b00a715b79255de6576506d80ecfdb064c
@@ -1346,7 +1346,7 @@ CVE-2019-10275
 CVE-2019-10274
 	RESERVED
 CVE-2019-10273 (Information leakage vulnerability in the /mc login page in ManageEngin ...)
-	TODO: check
+	NOT-FOR-US: ManageEngine ServiceDesk Plus
 CVE-2019-10272
 	RESERVED
 CVE-2019-10271



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6a140fb29932e14925c35ac514a0e260f7f23d33

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6a140fb29932e14925c35ac514a0e260f7f23d33
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190405/08fee1b3/attachment.html>

More information about the debian-security-tracker-commits mailing list