[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Dec 19 20:27:59 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5f8871fe by Salvatore Bonaccorso at 2019-12-19T20:27:38Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2019-19911
 CVE-2019-19910 (The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 (1.35  ...)
 	TODO: check
 CVE-2019-19909 (An issue was discovered in Public Knowledge Project (PKP) pkp-lib befo ...)
-	TODO: check
+	NOT-FOR-US: Public Knowledge Project (PKP) pkp-lib
 CVE-2019-19908
 	RESERVED
 CVE-2019-19907 (HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core  ...)
@@ -908,7 +908,7 @@ CVE-2019-19790 (Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows
 CVE-2019-19789
 	RESERVED
 CVE-2019-19788 (Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed  ...)
-	TODO: check
+	NOT-FOR-US: Opera for Android
 CVE-2019-19787 (ATasm 1.06 has a stack-based buffer overflow in the get_signed_express ...)
 	NOT-FOR-US: ATasm
 CVE-2019-19786 (ATasm 1.06 has a stack-based buffer overflow in the parse_expr() funct ...)
@@ -7331,7 +7331,7 @@ CVE-2019-18783
 CVE-2019-18782
 	RESERVED
 CVE-2019-18781 (An open redirect vulnerability was discovered in Zoho ManageEngine ADS ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
 CVE-2019-18786 (In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitial ...)
 	- linux <unfixed>
 	[stretch] - linux <not-affected> (Vulnerable code not present)
@@ -14042,7 +14042,7 @@ CVE-2019-17392 (Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism
 CVE-2019-17391 (An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-0 ...)
 	NOT-FOR-US: Espressif ESP32
 CVE-2019-17390 (An issue was discovered in the Outlook add-in in Pronestor Planner bef ...)
-	TODO: check
+	NOT-FOR-US: Outlook add-in in Pronestor Planner
 CVE-2019-17389 (In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles erro ...)
 	NOT-FOR-US: RIOT RIOT-OS
 CVE-2019-17388 (Weak file permissions applied to the Aviatrix VPN Client through 2.2.1 ...)
@@ -16369,49 +16369,49 @@ CVE-2019-16467
 CVE-2019-16466
 	RESERVED
 CVE-2019-16465 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16464 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16463 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16462 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16461 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16460 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16459 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16458 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16457 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16456 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16455 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16454 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16453 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16452 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16451 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16450 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16449 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16448 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16447
 	RESERVED
 CVE-2019-16446 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16445 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16444 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-16443
 	RESERVED
 CVE-2019-16442
@@ -20821,7 +20821,7 @@ CVE-2019-15008 (The /plugins/servlet/branchreview resource in Atlassian Fisheye
 CVE-2019-15007 (The review resource in Atlassian Fisheye and Crucible before version 4 ...)
 	NOT-FOR-US: Atlassian Fisheye and Crucible
 CVE-2019-15006 (There was a man-in-the-middle (MITM) vulnerability present in the Conf ...)
-	TODO: check
+	NOT-FOR-US: Confluence
 CVE-2019-15005 (The Atlassian Troubleshooting and Support Tools plugin prior to versio ...)
 	NOT-FOR-US: Atlassian
 CVE-2019-15004 (The Customer Context Filter in Atlassian Jira Service Desk Server and  ...)
@@ -30676,7 +30676,7 @@ CVE-2019-11997
 CVE-2019-11996 (Potential security vulnerabilities have been identified with HPE Nimbl ...)
 	NOT-FOR-US: HPE
 CVE-2019-11995 (Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unaut ...)
-	TODO: check
+	NOT-FOR-US: HPE UIoT
 CVE-2019-11994
 	RESERVED
 CVE-2019-11993
@@ -31151,7 +31151,7 @@ CVE-2019-11782
 CVE-2019-11781
 	RESERVED
 CVE-2019-11780 (Improper access control in the computed fields system of the framework ...)
-	TODO: check
+	NOT-FOR-US: Odoo
 CVE-2019-11779 (In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT cli ...)
 	{DSA-4570-1 DLA-1972-1}
 	- mosquitto 1.6.6-1 (bug #940654)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5f8871fe434f8bba9ca9d0b800b49de48b9b493c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5f8871fe434f8bba9ca9d0b800b49de48b9b493c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191219/a9ad734f/attachment.html>

More information about the debian-security-tracker-commits mailing list