[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Jul 2 16:19:30 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c4de1e36 by Salvatore Bonaccorso at 2019-07-02T15:18:58Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17215,7 +17215,7 @@ CVE-2019-6644
 CVE-2019-6643
 	RESERVED
 CVE-2019-6642 (In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, a ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6641
 	RESERVED
 CVE-2019-6640
@@ -20149,7 +20149,7 @@ CVE-2019-5499
 CVE-2019-5498
 	RESERVED
 CVE-2019-5497 (NetApp AFF A700s Baseboard Management Controller (BMC) firmware versio ...)
-	TODO: check
+	NOT-FOR-US: NetApp AFF A700s Baseboard Management Controller firmware
 CVE-2019-5496 (Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP ...)
 	NOT-FOR-US: Oncommand Insight / Netapp
 CVE-2019-5495 (OnCommand Unified Manager for VMware vSphere, Linux and Windows prior  ...)
@@ -23288,9 +23288,9 @@ CVE-2019-3964
 CVE-2019-3963
 	RESERVED
 CVE-2019-3962 (Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may a ...)
-	TODO: check
+	NOT-FOR-US: Nessus
 CVE-2019-3961 (Nessus versions 8.4.0 and earlier were found to contain a reflected XS ...)
-	TODO: check
+	NOT-FOR-US: Nessus
 CVE-2019-3960
 	RESERVED
 CVE-2019-3959
@@ -30854,9 +30854,9 @@ CVE-2019-1580
 CVE-2019-1579
 	RESERVED
 CVE-2019-1578 (Cross-site scripting vulnerability in Palo Alto Networks MineMeld vers ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks MineMeld
 CVE-2019-1577 (Code injection vulnerability in Palo Alto Networks Traps 5.0.5 and ear ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks Traps
 CVE-2019-1576
 	RESERVED
 CVE-2019-1575
@@ -154392,9 +154392,9 @@ CVE-2016-5240 (The DrawDashPolygon function in magick/render.c in GraphicsMagick
 CVE-2016-5237 (Valve Steam 3.42.16.13 uses weak permissions for the files in the Stea ...)
 	NOT-FOR-US: Valve Steam
 CVE-2016-5236 (Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard 3.9 ...)
-	TODO: check
+	NOT-FOR-US: F5 WebSafe
 CVE-2016-5235 (A Cross Site Scripting (XSS) vulnerability in versions of F5 WebSafe D ...)
-	TODO: check
+	NOT-FOR-US: F5 WebSafe
 CVE-2014-9803 (arch/arm64/include/asm/pgtable.h in the Linux kernel before 3.15-rc5-n ...)
 	- linux <not-affected> (Vulnerable code never present, introduced and fixed in 3.16 development cycle)
 	NOTE: Introduced by: https://git.kernel.org/linus/bc07c2c6e9ed125d362af0214b6313dca180cb08 (v3.16-rc1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c4de1e36da3309d93252b99bde515f48c55ffa42

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c4de1e36da3309d93252b99bde515f48c55ffa42
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190702/61a3227a/attachment.html>

More information about the debian-security-tracker-commits mailing list