[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
09b6f80a by Salvatore Bonaccorso at 2019-08-26T20:29:47Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2019-15639
 CVE-2019-15638
 	RESERVED
 CVE-2019-15637 (Numerous Tableau products are vulnerable to XXE via a malicious workbo ...)
-	TODO: check
+	NOT-FOR-US: Tableau
 CVE-2019-15636
 	RESERVED
 CVE-2019-15635
@@ -141,7 +141,7 @@ CVE-2019-15573 (Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php
 CVE-2019-15572 (Gesior-AAC before 2019-05-01 allows ServiceCategoryID SQL injection in ...)
 	TODO: check
 CVE-2019-15571 (The WEB control panel before 2019-04-30 for ClonOS allows SQL injectio ...)
-	TODO: check
+	NOT-FOR-US: WEB control panel for ClonOS
 CVE-2019-15570 (BEdita through 4.0.0-RC2 allows SQL injection during a save operation  ...)
 	TODO: check
 CVE-2019-15569 (HM Courts & Tribunals ccd-data-store-api before 2019-06-10 allows  ...)
@@ -151,11 +151,11 @@ CVE-2019-15568 (idseq-web before 2019-07-01 in Infectious Disease Sequencing Pla
 CVE-2019-15567 (OpenForis Arena before 2019-05-07 allows SQL injection in the sorting  ...)
 	TODO: check
 CVE-2019-15566 (The Alfresco application before 1.8.7 for Android allows SQL injection ...)
-	TODO: check
+	NOT-FOR-US: Alfresco application for Android
 CVE-2019-15565 (The ICOMMKT connector before 1.0.7 for PrestaShop allows SQL injection ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2019-15564 (The Compassion Switzerland addons 10.01.4 for Odoo allow SQL injection ...)
-	TODO: check
+	NOT-FOR-US: Compassion Switzerland addons for Odoo
 CVE-2019-15563 (Observational Health Data Sciences and Informatics (OHDSI) WebAPI befo ...)
 	TODO: check
 CVE-2019-15562 (GORM before 1.9.10 allows SQL injection via incomplete parentheses. ...)
@@ -275,7 +275,7 @@ CVE-2019-15526 (An issue was discovered on D-Link DIR-823G devices with firmware
 CVE-2019-15525 (There is Missing SSL Certificate Validation in the pw3270 terminal emu ...)
 	TODO: check
 CVE-2019-15524 (CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php  ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2019-15523
 	RESERVED
 CVE-2019-15522
@@ -309,15 +309,15 @@ CVE-2019-15509
 CVE-2019-15508 (In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy  ...)
 	TODO: check
 CVE-2019-15507 (In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request pr ...)
-	TODO: check
+	NOT-FOR-US: Octopus Deploy
 CVE-2019-15506 (An issue was discovered in Kaseya Virtual System Administrator (VSA) t ...)
-	TODO: check
+	NOT-FOR-US: Kaseya Virtual System Administrator (VSA)
 CVE-2019-15505 (drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through ...)
 	- linux <unfixed>
 CVE-2019-15504 (drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2 ...)
 	- linux <unfixed>
 CVE-2019-15503 (cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCM ...)
-	TODO: check
+	NOT-FOR-US: AltaVoz Prontus
 CVE-2019-15502
 	RESERVED
 CVE-2019-15501 (Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-20 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09b6f80af4ff2e3888b6fb8461ca031f51be780d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09b6f80af4ff2e3888b6fb8461ca031f51be780d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190826/99beaf7f/attachment-0001.html>