[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Jan 23 17:21:05 GMT 2019


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
58ba935c by Moritz Muehlenhoff at 2019-01-23T17:20:37Z
NFUs
opensc unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -373,8 +373,9 @@ CVE-2019-6504
 CVE-2019-6503 (There is a deserialization vulnerability in Chatopera cosin v3.10.0. An ...)
 	NOT-FOR-US: Chatopera cosin
 CVE-2019-6502 (sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory ...)
-	- opensc <unfixed>
+	- opensc <unfixed> (unimportant)
 	NOTE: https://github.com/OpenSC/OpenSC/issues/1586
+	NOTE: Negligable security impact, assigning a CVE seems out of proportion...
 CVE-2019-1003004 (An improper authorization vulnerability exists in Jenkins 2.158 and ...)
 	NOT-FOR-US: Jenkins
 CVE-2019-1003003 (An improper authorization vulnerability exists in Jenkins 2.158 and ...)
@@ -1031,7 +1032,7 @@ CVE-2019-6262 (An issue was discovered in Joomla! before 3.9.2. Inadequate check
 CVE-2019-6261 (An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in ...)
 	NOT-FOR-US: Joomla
 CVE-2019-6260 (The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) ...)
-	TODO: check
+	NOT-FOR-US: ASPEED
 CVE-2019-6259 (An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL ...)
 	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-20707
@@ -18383,11 +18384,11 @@ CVE-2018-19021
 CVE-2018-19020
 	RESERVED
 CVE-2018-19019 (A type confusion vulnerability exists when processing project files in ...)
-	TODO: check
+	NOT-FOR-US: CX-Supervisor
 CVE-2018-19018
 	RESERVED
 CVE-2018-19017 (Several use after free vulnerabilities have been identified in ...)
-	TODO: check
+	NOT-FOR-US: CX-Supervisor
 CVE-2018-19016
 	RESERVED
 CVE-2018-19015
@@ -18396,12 +18397,12 @@ CVE-2018-19014
 	RESERVED
 	NOT-FOR-US: Drager patient monitoring medical devices
 CVE-2018-19013 (An attacker could inject commands to delete files and/or delete the ...)
-	TODO: check
+	NOT-FOR-US: CX-Supervisor
 CVE-2018-19012
 	RESERVED
 	NOT-FOR-US: Drager patient monitoring medical devices
 CVE-2018-19011 (CX-Supervisor (Versions 3.42 and prior) can execute code that has been ...)
-	TODO: check
+	NOT-FOR-US: CX-Supervisor
 CVE-2018-19010
 	RESERVED
 	NOT-FOR-US: Drager patient monitoring medical devices
@@ -52023,11 +52024,11 @@ CVE-2018-6447
 CVE-2018-6446
 	RESERVED
 CVE-2018-6445 (A Vulnerability in Brocade Network Advisor versions before 14.0.3 ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2018-6444 (A Vulnerability in Brocade Network Advisor versions before 14.1.0 ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2018-6443 (A vulnerability in Brocade Network Advisor Versions before 14.3.1 ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2018-6442 (A vulnerability in the Brocade Webtools firmware update section of ...)
 	NOT-FOR-US: Brocade
 CVE-2018-6441 (A vulnerability in Secure Shell implementation of Brocade Fabric OS ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/58ba935ca72fba772dacc66a984ad4071b04f202

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/58ba935ca72fba772dacc66a984ad4071b04f202
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190123/b05f6c45/attachment.html>


More information about the debian-security-tracker-commits mailing list