[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Apr 10 09:22:10 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
79f36e66 by Salvatore Bonaccorso at 2019-04-10T08:21:35Z
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9577,13 +9577,13 @@ CVE-2019-7363
 CVE-2019-7362
 	RESERVED
 CVE-2019-7361 (An attacker may convince a victim to open a malicious action micro (.a ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2019-7360 (An exploitable heap overflow vulnerability in the DXF-parsing function ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2019-7359 (An exploitable heap overflow vulnerability in the DXF-parsing function ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2019-7358 (An exploitable heap overflow vulnerability in the DXF-parsing function ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2019-7357
 	RESERVED
 CVE-2019-7356
@@ -12667,7 +12667,7 @@ CVE-2019-6142
 CVE-2019-6141
 	RESERVED
 CVE-2019-6140 (A configuration issue has been discovered in Forcepoint Email Security ...)
-	TODO: check
+	NOT-FOR-US: Forcepoint Email Security
 CVE-2019-6139 (Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbi ...)
 	NOT-FOR-US: Forcepoint User ID (FUID) server
 CVE-2019-6138 (An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memor ...)
@@ -14112,7 +14112,7 @@ CVE-2019-5587
 CVE-2019-5586
 	RESERVED
 CVE-2019-5585 (An improper access control vulnerability in FortiClientMac before 6.0. ...)
-	TODO: check
+	NOT-FOR-US: Fortiguard FortiClientMac
 CVE-2019-5584
 	RESERVED
 CVE-2019-5583
@@ -14256,11 +14256,11 @@ CVE-2019-5515 (VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) and F
 CVE-2019-5514 (VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerab ...)
 	NOT-FOR-US: VMware
 CVE-2019-5513 (VMware Horizon Connection Server (7.x before 7.8, 7.5.x before 7.5.2,  ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2019-5512 (VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2019-5511 (VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2019-5510
 	RESERVED
 CVE-2019-5509
@@ -27142,19 +27142,19 @@ CVE-2019-0864
 CVE-2019-0863
 	RESERVED
 CVE-2019-0862 (A remote code execution vulnerability exists in the way that the scrip ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0861 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0860 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0859 (An elevation of privilege vulnerability exists in Windows when the Win ...)
 	TODO: check
 CVE-2019-0858 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0857 (A spoofing vulnerability that could allow a security feature bypass ex ...)
 	TODO: check
 CVE-2019-0856 (A remote code execution vulnerability exists when Windows improperly h ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2019-0855
 	RESERVED
 CVE-2019-0854
@@ -27178,7 +27178,7 @@ CVE-2019-0846 (A remote code execution vulnerability exists when the Windows Jet
 CVE-2019-0845 (A remote code execution vulnerability exists when the IOleCvt interfac ...)
 	TODO: check
 CVE-2019-0844 (An information disclosure vulnerability exists when the Windows kernel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2019-0843
 	RESERVED
 CVE-2019-0842 (A remote code execution vulnerability exists in the way that the VBScr ...)
@@ -27186,11 +27186,11 @@ CVE-2019-0842 (A remote code execution vulnerability exists in the way that the
 CVE-2019-0841 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
 	TODO: check
 CVE-2019-0840 (An information disclosure vulnerability exists when the Windows kernel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2019-0839 (An information disclosure vulnerability exists when the Terminal Servi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0838 (An information disclosure vulnerability exists when Windows Task Sched ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0837 (An information disclosure vulnerability exists when DirectX improperly ...)
 	TODO: check
 CVE-2019-0836 (An elevation of privilege vulnerability exists when Windows improperly ...)
@@ -27204,25 +27204,25 @@ CVE-2019-0833 (An information disclosure vulnerability exists when Microsoft Edg
 CVE-2019-0832
 	RESERVED
 CVE-2019-0831 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0830 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0829 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0828 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0827 (A remote code execution vulnerability exists when the Microsoft Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0826 (A remote code execution vulnerability exists when the Microsoft Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0825 (A remote code execution vulnerability exists when the Microsoft Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0824 (A remote code execution vulnerability exists when the Microsoft Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0823 (A remote code execution vulnerability exists when the Microsoft Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0822 (A remote code execution vulnerability exists in the way that Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0821 (An information disclosure vulnerability exists in the way that the Win ...)
 	NOT-FOR-US: Windows SMB Server
 CVE-2019-0820
@@ -27232,7 +27232,7 @@ CVE-2019-0819
 CVE-2019-0818
 	RESERVED
 CVE-2019-0817 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0816 (A security feature bypass exists in Azure SSH Keypairs, due to a chang ...)
 	- cloud-init <unfixed> (low; bug #926043)
 	[buster] - cloud-init <no-dsa> (Doesn't affect default provisioning for Azure, only limited use cases)
@@ -27247,11 +27247,11 @@ CVE-2019-0814 (An information disclosure vulnerability exists when the win32k co
 CVE-2019-0813 (An elevation of privilege vulnerability exists when Windows Admin Cent ...)
 	TODO: check
 CVE-2019-0812 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0811
 	RESERVED
 CVE-2019-0810 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0809 (A remote code execution vulnerability exists when the Visual Studio C+ ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0808 (An elevation of privilege vulnerability exists in Windows when the Win ...)
@@ -27259,7 +27259,7 @@ CVE-2019-0808 (An elevation of privilege vulnerability exists in Windows when th
 CVE-2019-0807
 	RESERVED
 CVE-2019-0806 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0805 (An elevation of privilege vulnerability exists when Windows improperly ...)
 	TODO: check
 CVE-2019-0804 (An information disclosure vulnerability exists in the way Azure WaLinu ...)
@@ -27270,7 +27270,7 @@ CVE-2019-0803 (An elevation of privilege vulnerability exists in Windows when th
 CVE-2019-0802 (An information disclosure vulnerability exists when the Windows GDI co ...)
 	TODO: check
 CVE-2019-0801 (A remote code execution vulnerability exists when Microsoft Office fai ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0800
 	RESERVED
 CVE-2019-0799
@@ -27500,13 +27500,13 @@ CVE-2019-0690 (A denial of service vulnerability exists when Microsoft Hyper-V N
 CVE-2019-0689 (An elevation of privilege vulnerability exists due to an integer overf ...)
 	NOT-FOR-US: Microsoft Windows Subsystem for Linux
 CVE-2019-0688 (An information disclosure vulnerability exists when the Windows TCP/IP ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2019-0687
 	RESERVED
 CVE-2019-0686 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0685 (An elevation of privilege vulnerability exists in Windows when the Win ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2019-0684
 	RESERVED
 CVE-2019-0683 (An elevation of privilege vulnerability exists in Active Directory For ...)
@@ -78736,7 +78736,7 @@ CVE-2018-1358
 CVE-2018-1357
 	RESERVED
 CVE-2018-1356 (A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet Forti ...)
-	TODO: check
+	NOT-FOR-US: Fortinet FortiSandbox
 CVE-2018-1355 (An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 a ...)
 	NOT-FOR-US: Fortinet
 CVE-2018-1354 (An improper access control vulnerability in Fortinet FortiManager 6.0. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/79f36e666984e10c35193cd4f700bd8fdfca786a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/79f36e666984e10c35193cd4f700bd8fdfca786a
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190410/70c3d214/attachment.html>


More information about the debian-security-tracker-commits mailing list