[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Dec 4 10:40:10 GMT 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9add0c6a by Moritz Muehlenhoff at 2019-12-04T10:39:51Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8558,10 +8558,13 @@ CVE-2019-17557
 	RESERVED
 CVE-2019-17556
 	RESERVED
+	NOT-FOR-US: Olingo
 CVE-2019-17555
 	RESERVED
+	NOT-FOR-US: Olingo
 CVE-2019-17554
 	RESERVED
+	NOT-FOR-US: Olingo
 CVE-2019-17553 (An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection ...)
 	NOT-FOR-US: MetInfo
 CVE-2019-17552 (An issue was discovered in idreamsoft iCMS v7.0.14. There is a spider_ ...)
@@ -26386,7 +26389,7 @@ CVE-2019-11745 [Out-of-bounds write when passing an output buffer smaller than t
 	{DLA-2008-1}
 	- nss 2:3.47.1-1
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1586176 (not public)
-	NOTE: Upstream patch: https://hg.mozilla.org/releases/mozilla-esr68/rev/ea1bc0fb2dda
+	NOTE: https://hg.mozilla.org/projects/nss/rev/1e22a0c93afe9f46545560c86caedef9dab6cfda
 	NOTE: Fixed in 3.44.3 and 3.47.1 upstream.
 CVE-2019-11744 (Some HTML elements, such as <title> and <textarea ...)
 	{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
@@ -29327,10 +29330,10 @@ CVE-2019-10733
 CVE-2019-10732 (In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypt ...)
 	{DLA-1825-1}
 	- kf5-messagelib 4:19.08.3-1 (bug #926996)
-	[buster] - kf5-messagelib <postponed> (Revisit when fixed upstream)
-	[stretch] - kf5-messagelib <postponed> (Revisit when fixed upstream)
+	[buster] - kf5-messagelib <no-dsa> (Minor issue)
+	[stretch] - kf5-messagelib <no-dsa> (Minor issue)
 	- kdepim <removed>
-	[stretch] - kdepim <postponed> (Revisit when fixed upstream)
+	[stretch] - kdepim <no-dsa> (Minor issue)
 	NOTE: https://bugs.kde.org/show_bug.cgi?id=404698
 	NOTE: https://cgit.kde.org/messagelib.git/commit/?id=8f9b85b664be0987014c5d2485e706ab5a198e1b (v19.04.2)
 CVE-2019-10731



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9add0c6a7a3a4e3c1413ca0879d24e22dadea2a6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9add0c6a7a3a4e3c1413ca0879d24e22dadea2a6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191204/38bf5d4a/attachment.html>

More information about the debian-security-tracker-commits mailing list