[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Apr 26 22:25:37 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c5d2fe49 by Salvatore Bonaccorso at 2019-04-26T21:25:12Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -135,7 +135,7 @@ CVE-2019-11495
 CVE-2019-11494
 	RESERVED
 CVE-2019-11493 (VeryPDF 4.1 has a Memory Overflow leading to Code Execution because pd ...)
-	TODO: check
+	NOT-FOR-US: VeryPDF
 CVE-2019-11492
 	RESERVED
 CVE-2019-11491
@@ -796,9 +796,9 @@ CVE-2019-11221 (GPAC 0.7.1 has a buffer overflow issue in gf_import_message() in
 	NOTE: https://github.com/gpac/gpac/commit/f4616202e5578e65746cf7e7ceeba63bee1b094b
 	NOTE: https://github.com/gpac/gpac/issues/1203
 CVE-2019-11220 (An authentication flaw in Shenzhen Yunni Technology iLnkP2P allows rem ...)
-	TODO: check
+	NOT-FOR-US: Shenzhen Yunni Technology iLnkP2P
 CVE-2019-11219 (The algorithm used to generate device IDs (UIDs) for devices that util ...)
-	TODO: check
+	NOT-FOR-US: Shenzhen Yunni Technology iLnkP2P
 CVE-2019-11218 (Improper handling of extra parameters in the AccountController (User P ...)
 	NOT-FOR-US: Bonobo Git Server
 CVE-2019-11217 (The GitController in Jakub Chodounsky Bonobo Git Server before 6.5.0 a ...)
@@ -12534,7 +12534,7 @@ CVE-2019-6690 (python-gnupg 0.4.3 allows context-dependent attackers to trick gn
 CVE-2018-1000997 (A path traversal vulnerability exists in the Stapler web framework use ...)
 	NOT-FOR-US: Jenkins
 CVE-2019-6689 (An issue was discovered in Dillon Kane Tidal Workload Automation Agent ...)
-	TODO: check
+	NOT-FOR-US: Dillon Kane Tidal Workload Automation Agent
 CVE-2019-6688
 	RESERVED
 CVE-2019-6687
@@ -23078,7 +23078,7 @@ CVE-2019-2727
 CVE-2019-2726
 	RESERVED
 CVE-2019-2725 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2019-2724
 	RESERVED
 CVE-2019-2723 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
@@ -30812,7 +30812,7 @@ CVE-2019-0187 (Unauthenticated RCE is possible when JMeter is used in distribute
 	- jakarta-jmeter <undetermined>
 	NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62743
 CVE-2019-0186 (The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 an ...)
-	TODO: check
+	NOT-FOR-US: Apache Pluto "Chat Room" demo portlet
 CVE-2018-19277 (securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypa ...)
 	NOT-FOR-US: PHPOffice
 CVE-2018-19276 (OpenMRS before 2.24.0 is affected by an Insecure Object Deserializatio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c5d2fe49fddb5bb4fc919e077435d80eadf4ef81

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c5d2fe49fddb5bb4fc919e077435d80eadf4ef81
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190426/a9ecb096/attachment.html>

More information about the debian-security-tracker-commits mailing list