[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Sun Apr 7 21:20:48 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f028b312 by Salvatore Bonaccorso at 2019-04-07T20:20:20Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,9 +9,9 @@ CVE-2019-10910
CVE-2019-10909
RESERVED
CVE-2019-10908 (In Airsonic 10.2.1, RecoverController.java generates passwords via org ...)
- TODO: check
+ NOT-FOR-US: Airsonic
CVE-2019-10907 (Airsonic 10.2.1 uses Spring's default remember-me mechanism based on M ...)
- TODO: check
+ NOT-FOR-US: Airsonic
CVE-2019-10906 (In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape ...)
- jinja2 <unfixed> (bug #926602)
NOTE: https://palletsprojects.com/blog/jinja-2-10-1-released/
@@ -369,7 +369,7 @@ CVE-2019-10743
CVE-2019-10742
RESERVED
CVE-2019-10741 (K-9 Mail v5.600 can include the original quoted HTML code of a special ...)
- TODO: check
+ NOT-FOR-US: K-9 Mail
CVE-2019-10740 (In Roundcube Webmail 1.3.4, an attacker in possession of S/MIME or PGP ...)
TODO: check
CVE-2019-10739
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f028b31276ae8f112f9be3bc1e4fe99af0509bce
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f028b31276ae8f112f9be3bc1e4fe99af0509bce
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190407/c0aa231a/attachment.html>
More information about the debian-security-tracker-commits
mailing list