[Git][security-tracker-team/security-tracker][master] add CVE ID to existing chromium update

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
59e7c47e by Moritz Muehlenhoff at 2019-01-14T18:03:09Z
add CVE ID to existing chromium update
NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2019-6258
 	RESERVED
 CVE-2019-6257 (A Server Side Request Forgery (SSRF) vulnerability in elFinder before ...)
-	TODO: check
+	NOT-FOR-US: elFinder
 CVE-2019-6256 (A Denial of Service issue was discovered in the LIVE555 Streaming Media ...)
 	TODO: check
 CVE-2019-6255
@@ -15,7 +15,7 @@ CVE-2019-6252
 CVE-2019-6251 (embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allows ...)
 	TODO: check
 CVE-2019-6249 (An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability ...)
-	TODO: check
+	NOT-FOR-US: HuCart
 CVE-2019-6250 (A pointer overflow, with code execution, was discovered in ZeroMQ ...)
 	- zeromq3 4.3.1-1 (bug #919098)
 	[jessie] - zeromq3 <not-affected> (Vulnerable code introduced later)
@@ -16630,7 +16630,7 @@ CVE-2018-19251
 CVE-2018-19250
 	REJECTED
 CVE-2018-19249 (The Stripe API v1 allows remote attackers to bypass intended access ...)
-	TODO: check
+	NOT-FOR-US: Stripe API
 CVE-2018-19248 (The web service on Epson WorkForce WF-2861 10.48 ...)
 	NOT-FOR-US: Epson
 CVE-2018-19247
@@ -21171,7 +21171,8 @@ CVE-2018-17462 (Incorrect refcounting in AppCache in Google Chrome prior to ...)
 	- chromium-browser 70.0.3538.67-1
 	[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 CVE-2018-17461 (An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 ...)
-	TODO: check
+	- chromium-browser 68.0.3440.75-1
+	[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 CVE-2018-17460
 	RESERVED
 CVE-2018-17457 (An object lifecycle issue in Blink could lead to a use after free in ...)


=====================================
data/DSA/list
=====================================
@@ -338,7 +338,7 @@
 	{CVE-2018-10906}
 	[stretch] - fuse 2.9.7-1+deb9u1
 [26 Jul 2018] DSA-4256-1 chromium-browser - security update
-	{CVE-2018-4117 CVE-2018-6044 CVE-2018-6150 CVE-2018-6151 CVE-2018-6152 CVE-2018-6153 CVE-2018-6154 CVE-2018-6155 CVE-2018-6156 CVE-2018-6157 CVE-2018-6158 CVE-2018-6159 CVE-2018-6161 CVE-2018-6162 CVE-2018-6163 CVE-2018-6164 CVE-2018-6165 CVE-2018-6166 CVE-2018-6167 CVE-2018-6168 CVE-2018-6169 CVE-2018-6170 CVE-2018-6171 CVE-2018-6172 CVE-2018-6173 CVE-2018-6174 CVE-2018-6175 CVE-2018-6176 CVE-2018-6177 CVE-2018-6178 CVE-2018-6179}
+	{CVE-2018-4117 CVE-2018-6044 CVE-2018-6150 CVE-2018-6151 CVE-2018-6152 CVE-2018-6153 CVE-2018-6154 CVE-2018-6155 CVE-2018-6156 CVE-2018-6157 CVE-2018-6158 CVE-2018-6159 CVE-2018-6161 CVE-2018-6162 CVE-2018-6163 CVE-2018-6164 CVE-2018-6165 CVE-2018-6166 CVE-2018-6167 CVE-2018-6168 CVE-2018-6169 CVE-2018-6170 CVE-2018-6171 CVE-2018-6172 CVE-2018-6173 CVE-2018-6174 CVE-2018-6175 CVE-2018-6176 CVE-2018-6177 CVE-2018-6178 CVE-2018-6179 CVE-2018-17461}
 	[stretch] - chromium-browser 68.0.3440.75-1~deb9u1
 [24 Jul 2018] DSA-4255-1 ant - security update
 	{CVE-2018-10886}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/59e7c47ed609ad101942507a01142c4804e115ea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/59e7c47ed609ad101942507a01142c4804e115ea
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190114/19a8b638/attachment.html>