[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8909e1c7 by Moritz Muehlenhoff at 2019-02-06T11:30:15Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2225,7 +2225,7 @@ CVE-2019-6506
 CVE-2019-6505
 	RESERVED
 CVE-2019-6504 (Insufficient output sanitization in the Automic Web Interface (AWI), ...)
-	TODO: check
+	NOT-FOR-US: CA Automic Workload Automation
 CVE-2019-6503 (There is a deserialization vulnerability in Chatopera cosin v3.10.0. An ...)
 	NOT-FOR-US: Chatopera cosin
 CVE-2019-6502 (sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory ...)
@@ -10381,11 +10381,11 @@ CVE-2018-20254
 CVE-2018-20253
 	RESERVED
 CVE-2018-20252 (There is an out-of-bounds writes vulnerability during parsing of ...)
-	TODO: check
+	NOT-FOR-US: WinRAR
 CVE-2018-20251 (A validation function (in WinRAR code) is being called before ...)
-	TODO: check
+	NOT-FOR-US: WinRAR
 CVE-2018-20250 (By crafting the filename field of the ACE format, the destination ...)
-	TODO: check
+	NOT-FOR-US: WinRAR
 CVE-2018-20249 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
 	NOT-FOR-US: Foxit Quick PDF Library
 CVE-2018-20248 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
@@ -22122,9 +22122,9 @@ CVE-2018-18335 (Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578
 	{DSA-4352-1}
 	- chromium 71.0.3578.80-1
 CVE-2018-18334 (A vulnerability in the Private Browser of Trend Micro Dr. Safety for ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2018-18333 (A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2018-18332 (A Trend Micro OfficeScan XG weak file permissions vulnerability may ...)
 	NOT-FOR-US: Trend Micro
 CVE-2018-18331 (A Trend Micro OfficeScan XG weak file permissions vulnerability on a ...)
@@ -61021,11 +61021,11 @@ CVE-2018-3993 (An exploitable use-after-free vulnerability exists in the JavaScr
 CVE-2018-3992 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
 	NOT-FOR-US: Foxit Software's PDF Reader
 CVE-2018-3991 (An exploitable heap overflow vulnerability exists in the WkbProgramLow ...)
-	TODO: check
+	NOT-FOR-US: WibuKey
 CVE-2018-3990 (An exploitable pool corruption vulnerability exists in the 0x8200E804 ...)
-	TODO: check
+	NOT-FOR-US: WibuKey
 CVE-2018-3989 (An exploitable kernel memory disclosure vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: WibuKey
 CVE-2018-3988 (Signal Messenger for Android 4.24.8 may expose private information ...)
 	NOT-FOR-US: Signal Messenger
 CVE-2018-3987



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8909e1c74044ade6f42da721635aa1ad2bce911e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8909e1c74044ade6f42da721635aa1ad2bce911e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190206/5dc0ace0/attachment.html>