[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Aug 21 07:08:34 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
394838aa by Salvatore Bonaccorso at 2019-08-21T06:08:06Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -284,7 +284,7 @@ CVE-2019-15151 (AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h.
 CVE-2019-15150 (In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulner ...)
 	NOT-FOR-US: OAuth2 Client MediaWiki extension
 CVE-2019-15149 (** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that drops t ...)
-	TODO: check
+	NOT-FOR-US: Mitogen
 CVE-2018-20976 (An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel befo ...)
 	- linux 4.18.6-1
 	NOTE: https://git.kernel.org/linus/c9fbd7bbc23dbdd73364be4d045e5d3612cf6e82
@@ -351,11 +351,11 @@ CVE-2019-15139 (The XWD image (X Window System window dumping file) parsing comp
 CVE-2019-15138
 	RESERVED
 CVE-2019-15137 (The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows f ...)
-	TODO: check
+	NOT-FOR-US: eProsima Fast RTPS
 CVE-2019-15136 (The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not ...)
-	TODO: check
+	NOT-FOR-US: eProsima Fast RTPS
 CVE-2019-15135 (The handshake protocol in Object Management Group (OMG) DDS Security 1 ...)
-	TODO: check
+	NOT-FOR-US: Object Management Group (OMG) DDS Security
 CVE-2019-15134 (RIOT through 2019.07 contains a memory leak in the TCP implementation  ...)
 	NOT-FOR-US: RIOT RIOT-OS
 CVE-2019-15133 (In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by ...)
@@ -7295,7 +7295,7 @@ CVE-2019-13071 (CSRF in the Agent/Center component of CyberPower PowerPanel Busi
 CVE-2019-13070 (A stored XSS vulnerability in the Agent/Center component of CyberPower ...)
 	NOT-FOR-US: CyberPower PowerPanel Business Edition
 CVE-2019-13069 (extenua SilverSHielD 6.x fails to secure its ProgramData folder, leadi ...)
-	TODO: check
+	NOT-FOR-US: extenua SilverSHielD
 CVE-2019-13068 (public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows ...)
 	- grafana <removed>
 	NOTE: https://github.com/grafana/grafana/issues/17718
@@ -12302,9 +12302,9 @@ CVE-2019-11165
 CVE-2019-11164
 	RESERVED
 CVE-2019-11163 (Insufficient access control in a hardware abstraction driver for Intel ...)
-	TODO: check
+	NOT-FOR-US: Intel(R) Processor Identification Utility for Windows
 CVE-2019-11162 (Insufficient access control in hardware abstraction in SEMA driver for ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2019-11161
 	RESERVED
 CVE-2019-11160
@@ -12332,23 +12332,23 @@ CVE-2019-11150
 CVE-2019-11149
 	RESERVED
 CVE-2019-11148 (Improper permissions in the installer for Intel(R) Remote Displays SDK ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2019-11147
 	RESERVED
 CVE-2019-11146 (Improper file verification in Intel® Driver & Support Assista ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2019-11145 (Improper file verification in Intel® Driver & Support Assista ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2019-11144
 	RESERVED
 CVE-2019-11143 (Improper permissions in the software installer for Intel(R) Authentica ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2019-11142
 	RESERVED
 CVE-2019-11141
 	RESERVED
 CVE-2019-11140 (Insufficient session validation in system firmware for Intel(R) NUC ma ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2019-11139
 	RESERVED
 CVE-2019-11138
@@ -26102,7 +26102,7 @@ CVE-2019-6180
 CVE-2019-6179
 	RESERVED
 CVE-2019-6178 (An information leakage vulnerability in Iomega and LenovoEMC NAS produ ...)
-	TODO: check
+	NOT-FOR-US: Iomega and LenovoEMC NAS products
 CVE-2019-6177
 	RESERVED
 CVE-2019-6176
@@ -26116,7 +26116,7 @@ CVE-2019-6173
 CVE-2019-6172
 	RESERVED
 CVE-2019-6171 (A vulnerability was reported in various BIOS versions of older ThinkPa ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2019-6170
 	RESERVED
 CVE-2019-6169 (A vulnerability reported in Lenovo Service Bridge before version 4.1.0 ...)
@@ -26128,7 +26128,7 @@ CVE-2019-6167 (A vulnerability reported in Lenovo Service Bridge before version
 CVE-2019-6166 (A vulnerability reported in Lenovo Service Bridge before version 4.1.0 ...)
 	NOT-FOR-US: Lenovo Service Bridge
 CVE-2019-6165 (A DLL search path vulnerability was reported in PaperDisplay Hotkey Se ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2019-6164
 	RESERVED
 CVE-2019-6163 (A denial of service vulnerability was reported in Lenovo System Update ...)
@@ -26140,7 +26140,7 @@ CVE-2019-6161
 CVE-2019-6160 (A vulnerability in various versions of Iomega and LenovoEMC NAS produc ...)
 	NOT-FOR-US: Iomega and LenovoEMC NAS products
 CVE-2019-6159 (A stored cross-site scripting (XSS) vulnerability exists in various fi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-6158 (An internal product security audit of Lenovo XClarity Administrator (L ...)
 	NOT-FOR-US: Lenovo XClarity Administrator (LXCA)
 CVE-2019-6157 (In various firmware versions of Lenovo System x, the integrated manage ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/394838aac81deb94788ff6dd44e3d03035a1865f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/394838aac81deb94788ff6dd44e3d03035a1865f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190821/c92d2ec2/attachment.html>

More information about the debian-security-tracker-commits mailing list