[Git][security-tracker-team/security-tracker][master] NFUs

Tue Feb 5 09:40:02 GMT 2019

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c889d583 by Moritz Muehlenhoff at 2019-02-05T09:39:37Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -113,23 +113,23 @@ CVE-2019-1000019 (libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a7
 	NOTE: https://github.com/libarchive/libarchive/pull/1120
 	NOTE: https://github.com/libarchive/libarchive/commit/65a23f5dbee4497064e9bb467f81138a62b0dae1
 CVE-2019-1000017 (Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect ...)
-	TODO: check
+	NOT-FOR-US: Chamilo Chamilo-lms
 CVE-2019-1000016 (FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array ...)
 	TODO: check
 CVE-2019-1000015 (Chamilo Chamilo-lms version 1.11.8 and earlier contains a Cross Site ...)
-	TODO: check
+	NOT-FOR-US: Chamilo Chamilo-lms
 CVE-2019-1000014 (Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing ...)
 	TODO: check
 CVE-2019-1000013 (Hex package manager hex_core version 0.3.0 and earlier contains a ...)
-	TODO: check
+	NOT-FOR-US: Hex package manager
 CVE-2019-1000012 (Hex package manager version 0.14.0 through 0.18.2 contains a Signing ...)
-	TODO: check
+	NOT-FOR-US: Hex package manager
 CVE-2019-1000011 (API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access ...)
-	TODO: check
+	NOT-FOR-US: API Platform
 CVE-2019-1000010 (phpIPAM version 1.3.2 and earlier contains a Cross Site Scripting ...)
 	NOT-FOR-US: phpIPAM
 CVE-2019-1000009 (Helm ChartMuseum version >=0.1.0 and < 0.8.1 contains a CWE-22: ...)
-	TODO: check
+	NOT-FOR-US: Helm ChartMuseum
 CVE-2019-1000008 (All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a ...)
 	TODO: check
 CVE-2019-1000007 (aioxmpp version 0.10.2 and earlier contains a Improper Handling of ...)
@@ -137,7 +137,7 @@ CVE-2019-1000007 (aioxmpp version 0.10.2 and earlier contains a Improper Handlin
 CVE-2019-1000006 (RIOT RIOT-OS version after commit ...)
 	NOT-FOR-US: RIOT RIOT-OS
 CVE-2019-1000005 (mPDF version 7.1.7 and earlier contains a CWE-502: Deserialization of ...)
-	TODO: check
+	NOT-FOR-US: mPDF
 CVE-2019-1000004 (yugandhargangu JspMyAdmin2 version 1.0.6 and earlier contains a Cross ...)
 	NOT-FOR-US: yugandhargangu JspMyAdmin2
 CVE-2019-1000003 (MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c889d583d924b8b8a24cfdc5cd8b9a3fe88880f0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c889d583d924b8b8a24cfdc5cd8b9a3fe88880f0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190205/c68df538/attachment.html>
