[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Aug 15 19:13:33 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
09f269d8 by Salvatore Bonaccorso at 2019-08-15T18:13:05Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20,21 +20,21 @@ CVE-2019-15055
 CVE-2019-15054
 	RESERVED
 CVE-2019-15053 (The "HTML Include and replace macro" plugin before 1.5.0 for Confluenc ...)
-	TODO: check
+	NOT-FOR-US: "HTML Include and replace macro" plugin for Confluence Server
 CVE-2019-15052 (The HTTP client in the Build tool in Gradle before 5.6 sends authentic ...)
 	TODO: check
 CVE-2019-15051
 	RESERVED
 CVE-2019-15050 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2019-15049 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2019-15048 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2019-15047 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2019-15046 (Zoho ManageEngine ServiceDesk Plus 10 before 10509 allows unauthentica ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
 CVE-2019-15045
 	RESERVED
 CVE-2019-15044
@@ -244,7 +244,7 @@ CVE-2019-14976 (iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords par
 CVE-2019-14975 (Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_ch ...)
 	TODO: check
 CVE-2019-14974 (SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.h ...)
-	TODO: check
+	NOT-FOR-US: SugarCRM
 CVE-2019-14973 (_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through ...)
 	- tiff 4.0.10+git190814-1 (bug #934780)
 	- tiff3 <removed>
@@ -1380,9 +1380,9 @@ CVE-2019-14528 (GnuCOBOL 2.2 has a heap-based buffer overflow in read_literal in
 	[jessie] - open-cobol <no-dsa> (Minor issue)
 	NOTE: https://sourceforge.net/p/open-cobol/bugs/583/
 CVE-2019-14527 (An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices befor ...)
-	TODO: check
+	NOT-FOR-US: NETGEAR
 CVE-2019-14526 (An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices befor ...)
-	TODO: check
+	NOT-FOR-US: NETGEAR
 CVE-2019-14525 (In Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019. ...)
 	NOT-FOR-US: Octopus Deploy
 CVE-2019-14524 (An issue was discovered in Schism Tracker through 20190722. There is a ...)
@@ -2208,7 +2208,7 @@ CVE-2019-14429
 CVE-2019-14428
 	RESERVED
 CVE-2019-14427 (XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch  ...)
-	TODO: check
+	NOT-FOR-US: WEB STUDIO Ultimate Loan Manager
 CVE-2019-14426
 	RESERVED
 CVE-2019-14425
@@ -6667,7 +6667,7 @@ CVE-2019-13032 (An issue was discovered in FlightCrew v0.9.2 and earlier. A NULL
 	NOTE: https://github.com/Sigil-Ebook/flightcrew/commit/b4f4a70f604ddcb4e8e343aa0e690764fc46d780
 	NOTE: Negligible security impact
 CVE-2019-13030 (eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prio ...)
-	TODO: check
+	NOT-FOR-US: eQ-3 Homematic CCU3
 CVE-2019-13029 (Multiple stored Cross-site scripting (XSS) issues in the admin panel a ...)
 	NOT-FOR-US: REDCap
 CVE-2019-13028 (An incorrect implementation of a local web server in eID client (Windo ...)
@@ -8684,7 +8684,7 @@ CVE-2019-12264 (Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Inco
 CVE-2019-12263 (Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP comp ...)
 	NOT-FOR-US: Wind River VxWorks
 CVE-2019-12262 (Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Contr ...)
-	TODO: check
+	NOT-FOR-US: Wind River VxWorks
 CVE-2019-12261 (Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the ...)
 	NOT-FOR-US: Wind River VxWorks
 CVE-2019-12260 (Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP compon ...)
@@ -9132,9 +9132,9 @@ CVE-2019-12106 (The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1
 CVE-2019-12105
 	RESERVED
 CVE-2019-12104 (The web-based configuration interface of the TP-Link M7350 V3 with fir ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2019-12103 (The web-based configuration interface of the TP-Link M7350 V3 with fir ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2019-12102 (** DISPUTED ** Kentico 11 through 12 lets attackers upload and explore ...)
 	NOT-FOR-US: Kentico
 CVE-2019-12101 (coap_decode_option in coap.c in LibNyoci 0.07.00rc1 mishandles certain ...)
@@ -16718,13 +16718,13 @@ CVE-2019-9587 (There is a stack consumption issue in md5Round1() located in Decr
 CVE-2019-9586
 	RESERVED
 CVE-2019-9585 (eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON AP ...)
-	TODO: check
+	NOT-FOR-US: eQ-3 Homematic
 CVE-2019-9584 (eQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3 allows uncontrolled ...)
-	TODO: check
+	NOT-FOR-US: eQ-3 Homematic
 CVE-2019-9583 (eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This al ...)
-	TODO: check
+	NOT-FOR-US: eQ-3 Homematic
 CVE-2019-9582 (eQ-3 Homematic CCU2 outdated base software packages allows Denial of S ...)
-	TODO: check
+	NOT-FOR-US: eQ-3 Homematic
 CVE-2019-9581 (phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via  ...)
 	NOT-FOR-US: phpscheduleit Booked Scheduler
 CVE-2019-9580 (In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3,  ...)
@@ -20513,7 +20513,7 @@ CVE-2019-8064
 CVE-2019-8063
 	RESERVED
 CVE-2019-8062 (Adobe After Effects versions 16 and earlier have an insecure library l ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-8061
 	RESERVED
 CVE-2019-8060
@@ -20715,7 +20715,7 @@ CVE-2019-7963 (Adobe Bridge CC version 9.0.2 and earlier versions have an out of
 CVE-2019-7962
 	RESERVED
 CVE-2019-7961 (Adobe Prelude CC versions 8.1 and earlier have an insecure library loa ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-7960
 	RESERVED
 CVE-2019-7959
@@ -20775,7 +20775,7 @@ CVE-2019-7933
 CVE-2019-7932 (A remote code execution vulnerability exists in Magento Open Source pr ...)
 	NOT-FOR-US: Magento
 CVE-2019-7931 (Adobe Premiere Pro CC versions 13.1.2 and earlier have an insecure lib ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-7930 (A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18 ...)
 	NOT-FOR-US: Magento
 CVE-2019-7929 (An information leakage vulnerability exists in Magento 2.1 prior to 2. ...)
@@ -20897,7 +20897,7 @@ CVE-2019-7872 (An insecure direct object reference (IDOR) vulnerability exists i
 CVE-2019-7871 (A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 p ...)
 	NOT-FOR-US: Magento
 CVE-2019-7870 (Adobe Character Animator versions 2.1 and earlier have an insecure lib ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-7869 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
 	NOT-FOR-US: Magento
 CVE-2019-7868 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
@@ -31232,15 +31232,15 @@ CVE-2019-3641
 CVE-2019-3640
 	RESERVED
 CVE-2019-3639 (Clickjack vulnerability in Adminstrator web console in McAfee Web Gate ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2019-3638
 	RESERVED
 CVE-2019-3637 (Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.20 ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2019-3636
 	RESERVED
 CVE-2019-3635 (Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8. ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2019-3634
 	RESERVED
 CVE-2019-3633
@@ -39535,9 +39535,9 @@ CVE-2019-1230
 CVE-2019-1229 (An elevation of privilege vulnerability exists in Dynamics On-Premise  ...)
 	TODO: check
 CVE-2019-1228 (An information disclosure vulnerability exists when the Windows kernel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1227 (An information disclosure vulnerability exists when the Windows kernel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1226 (A remote code execution vulnerability exists in Remote Desktop Service ...)
 	TODO: check
 CVE-2019-1225 (An information disclosure vulnerability exists when the Windows RDP se ...)
@@ -39555,7 +39555,7 @@ CVE-2019-1220
 CVE-2019-1219
 	RESERVED
 CVE-2019-1218 (A spoofing vulnerability exists in the way Microsoft Outlook iOS softw ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1217
 	RESERVED
 CVE-2019-1216
@@ -39565,9 +39565,9 @@ CVE-2019-1215
 CVE-2019-1214
 	RESERVED
 CVE-2019-1213 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1212 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1211 (An elevation of privilege vulnerability exists in Git for Visual Studi ...)
 	TODO: check
 CVE-2019-1210
@@ -39579,51 +39579,51 @@ CVE-2019-1208
 CVE-2019-1207
 	RESERVED
 CVE-2019-1206 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1205 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1204 (An elevation of privilege vulnerability exists when Microsoft Outlook  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1203 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1202 (An information disclosure vulnerability exists in the way Microsoft Sh ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1201 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1200 (A remote code execution vulnerability exists in Microsoft Outlook soft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1199 (A remote code execution vulnerability exists in Microsoft Outlook when ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1198 (An elevation of privilege exists in SyncController.dll, aka 'Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1197 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1196 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1195 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1194 (A remote code execution vulnerability exists in the way that the scrip ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1193 (A remote code execution vulnerability exists in the way that Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1192 (A security feature bypass vulnerability exists when Microsoft browsers ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1191
 	RESERVED
 CVE-2019-1190 (An elevation of privilege vulnerability exists in the way that the Win ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1189
 	RESERVED
 CVE-2019-1188 (A remote code execution vulnerability exists in Microsoft Windows that ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1187 (A denial of service vulnerability exists when the XmlLite runtime (Xml ...)
 	TODO: check
 CVE-2019-1186 (An elevation of privilege vulnerability exists in the way that the wcm ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1185 (An elevation of privilege vulnerability exists due to a stack corrupti ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1184 (An elevation of privilege vulnerability exists when Windows Core Shell ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1183 (A remote code execution vulnerability exists in the way that the VBScr ...)
 	TODO: check
 CVE-2019-1182 (A remote code execution vulnerability exists in Remote Desktop Service ...)
@@ -39631,31 +39631,31 @@ CVE-2019-1182 (A remote code execution vulnerability exists in Remote Desktop Se
 CVE-2019-1181 (A remote code execution vulnerability exists in Remote Desktop Service ...)
 	TODO: check
 CVE-2019-1180 (An elevation of privilege vulnerability exists in the way that the wcm ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1179 (An elevation of privilege vulnerability exists in the way that the uni ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1178 (An elevation of privilege vulnerability exists in the way that the ssd ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1177 (An elevation of privilege vulnerability exists in the way that the rpc ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1176 (An elevation of privilege vulnerability exists when DirectX improperly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1175 (An elevation of privilege vulnerability exists in the way that the psm ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1174 (An elevation of privilege vulnerability exists in the way that the Psm ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1173 (An elevation of privilege vulnerability exists in the way that the Psm ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1172 (An information disclosure vulnerability exists in Azure Active Directo ...)
 	TODO: check
 CVE-2019-1171 (An information disclosure vulnerability exists in SymCrypt during the  ...)
 	TODO: check
 CVE-2019-1170 (An elevation of privilege vulnerability exists when reparse points are ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1169 (An elevation of privilege vulnerability exists in Windows when the Win ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1168 (An elevation of privilege exists in the p2pimsvc service where an atta ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1167 (A security feature bypass vulnerability exists in Windows Defender App ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1166
@@ -39663,19 +39663,19 @@ CVE-2019-1166
 CVE-2019-1165
 	RESERVED
 CVE-2019-1164 (An elevation of privilege vulnerability exists when the Windows kernel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1163 (A security feature bypass exists when Windows incorrectly validates CA ...)
 	TODO: check
 CVE-2019-1162 (An elevation of privilege vulnerability exists when Windows improperly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1161 (An elevation of privilege vulnerability exists when the MpSigStub.exe  ...)
 	TODO: check
 CVE-2019-1160
 	RESERVED
 CVE-2019-1159 (An elevation of privilege vulnerability exists when the Windows kernel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1158 (An information disclosure vulnerability exists when the Windows GDI co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1157 (A remote code execution vulnerability exists when the Windows Jet Data ...)
 	TODO: check
 CVE-2019-1156 (A remote code execution vulnerability exists when the Windows Jet Data ...)
@@ -39683,37 +39683,37 @@ CVE-2019-1156 (A remote code execution vulnerability exists when the Windows Jet
 CVE-2019-1155 (A remote code execution vulnerability exists when the Windows Jet Data ...)
 	TODO: check
 CVE-2019-1154 (An information disclosure vulnerability exists when the Windows GDI co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1153 (An information disclosure vulnerability exists when the Microsoft Wind ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1152 (A remote code execution vulnerability exists when the Windows font lib ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1151 (A remote code execution vulnerability exists when the Windows font lib ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1150 (A remote code execution vulnerability exists when the Windows font lib ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1149 (A remote code execution vulnerability exists when the Windows font lib ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1148 (An information disclosure vulnerability exists when the Microsoft Wind ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1147 (A remote code execution vulnerability exists when the Windows Jet Data ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1146 (A remote code execution vulnerability exists when the Windows Jet Data ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1145 (A remote code execution vulnerability exists when the Windows font lib ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1144 (A remote code execution vulnerability exists when the Windows font lib ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1143 (An information disclosure vulnerability exists when the Windows GDI co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1142
 	RESERVED
 CVE-2019-1141 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1140 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1139 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1138
 	RESERVED
 CVE-2019-1137 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Excha ...)
@@ -39725,11 +39725,11 @@ CVE-2019-1135
 CVE-2019-1134 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1133 (A remote code execution vulnerability exists in the way that the scrip ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1132 (An elevation of privilege vulnerability exists in Windows when the Win ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1131 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1130 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1129 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
@@ -39838,7 +39838,7 @@ CVE-2019-1080 (A remote code execution vulnerability exists in the way the scrip
 CVE-2019-1079 (An information disclosure vulnerability exists when Visual Studio impr ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1078 (An information disclosure vulnerability exists when the Windows Graphi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1077 (An elevation of privilege vulnerability exists when the Visual Studio  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1076 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
@@ -39880,7 +39880,7 @@ CVE-2019-1059 (A remote code execution vulnerability exists in the way that the
 CVE-2019-1058
 	RESERVED
 CVE-2019-1057 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1056 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1055 (A remote code execution vulnerability exists in the way the scripting  ...)
@@ -39934,7 +39934,7 @@ CVE-2019-1032 (A cross-site-scripting (XSS) vulnerability exists when Microsoft
 CVE-2019-1031 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1030 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1029 (A denial of service vulnerability exists in Skype for Business, aka 'S ...)
 	NOT-FOR-US: Skype
 CVE-2019-1028 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
@@ -40067,7 +40067,7 @@ CVE-2019-0967
 CVE-2019-0966 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0965 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0964
 	RESERVED
 CVE-2019-0963 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
@@ -40534,7 +40534,7 @@ CVE-2019-0738
 CVE-2019-0737
 	RESERVED
 CVE-2019-0736 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0735 (An elevation of privilege vulnerability exists when the Windows Client ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0734 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
@@ -40560,25 +40560,25 @@ CVE-2019-0725 (A memory corruption vulnerability exists in the Windows Server DH
 CVE-2019-0724 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0723 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0722 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0721
 	RESERVED
 CVE-2019-0720 (A remote code execution vulnerability exists when Windows Hyper-V Netw ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0719
 	RESERVED
 CVE-2019-0718 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0717 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0716 (A denial of service vulnerability exists when Windows improperly handl ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0715 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0714 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0713 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0712
@@ -42153,7 +42153,7 @@ CVE-2018-19388 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attack
 CVE-2018-19387
 	REJECTED
 CVE-2018-19386 (SolarWinds Database Performance Analyzer 11.1.457 contains an instance ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds Database Performance Analyzer
 CVE-2018-19385
 	RESERVED
 CVE-2018-19384



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09f269d85a0c1f1c8ad33df9c489ddf3facdac61

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09f269d85a0c1f1c8ad33df9c489ddf3facdac61
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190815/7fdd5252/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list