[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Jul 2 21:28:31 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
21bfb3a9 by Salvatore Bonaccorso at 2019-07-02T20:27:43Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33,21 +33,21 @@ CVE-2019-13157
 CVE-2019-13156
 	RESERVED
 CVE-2019-13155 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet TEW-827DRU firmware
 CVE-2019-13154 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet TEW-827DRU firmware
 CVE-2019-13153 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet TEW-827DRU firmware
 CVE-2019-13152 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet TEW-827DRU firmware
 CVE-2019-13151 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet TEW-827DRU firmware
 CVE-2019-13150 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet TEW-827DRU firmware
 CVE-2019-13149 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet TEW-827DRU firmware
 CVE-2019-13148 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet TEW-827DRU firmware
 CVE-2019-13147 (In Audio File Library (aka audiofile) 0.3.6, there exists one NULL poi ...)
 	- audiofile <unfixed> (low; bug #931343)
 	[buster] - audiofile <no-dsa> (Minor issue)
@@ -15802,43 +15802,43 @@ CVE-2019-7272 (Optergy Proton/Enterprise devices allow Username Disclosure. ...)
 CVE-2019-7271 (Nortek Linear eMerge 50P/5000P devices have Default Credentials. ...)
 	NOT-FOR-US: Nortek Linear
 CVE-2019-7270 (Linear eMerge 50P/5000P devices allow Cross-Site Request Forgery (CSRF ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge 50P/5000P devices
 CVE-2019-7269 (Linear eMerge 50P/5000P devices allow Authenticated Command Injection  ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge 50P/5000P devices
 CVE-2019-7268 (Linear eMerge 50P/5000P devices allow Unauthenticated File Upload. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge 50P/5000P devices
 CVE-2019-7267 (Linear eMerge 50P/5000P devices allow Cookie Path Traversal. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge 50P/5000P devices
 CVE-2019-7266 (Linear eMerge 50P/5000P devices allow Authentication Bypass. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge 50P/5000P devices
 CVE-2019-7265 (Linear eMerge E3-Series devices allow Remote Code Execution (root acce ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7264 (Linear eMerge E3-Series devices allow a Stack-based Buffer Overflow on ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7263 (Linear eMerge E3-Series devices have a Version Control Failure. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7262 (Linear eMerge E3-Series devices allow Cross-Site Request Forgery (CSRF ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7261 (Linear eMerge E3-Series devices have Hard-coded Credentials. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7260 (Linear eMerge E3-Series devices have Cleartext Credentials in a Databa ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7259 (Linear eMerge E3-Series devices allow Authorization Bypass with Inform ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7258 (Linear eMerge E3-Series devices allow Privilege Escalation. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7257 (Linear eMerge E3-Series devices allow Unrestricted File Upload. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7256 (Linear eMerge E3-Series devices allow Command Injections. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7255 (Linear eMerge E3-Series devices allow XSS. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7254 (Linear eMerge E3-Series devices allow File Inclusion. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7253 (Linear eMerge E3-Series devices allow Directory Traversal. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7252 (Linear eMerge E3-Series devices have Default Credentials. ...)
-	TODO: check
+	NOT-FOR-US: Linear eMerge E3-Series devices
 CVE-2019-7251 (An Integer Signedness issue (for a return code) in the res_pjsip_sdp_r ...)
 	- asterisk 1:16.2.1~dfsg-1 (bug #923690)
 	[stretch] - asterisk <not-affected> (Vulnerable code not present)
@@ -22678,7 +22678,7 @@ CVE-2019-4294
 CVE-2019-4293 (IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attac ...)
 	NOT-FOR-US: IBM
 CVE-2019-4292 (IBM Security Guardium 10.5 could allow a remote attacker to upload arb ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4291
 	RESERVED
 CVE-2019-4290
@@ -22742,7 +22742,7 @@ CVE-2019-4262
 CVE-2019-4261
 	RESERVED
 CVE-2019-4260 (IBM Daeja ViewONE Professional, Standard & Virtual 5.0 through 5.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4259 (A security vulnerability has been identified in IBM Spectrum Scale 4.1 ...)
 	NOT-FOR-US: IBM
 CVE-2019-4258 (IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard Edition is vu ...)
@@ -22982,7 +22982,7 @@ CVE-2019-4142 (IBM Cloud Private 2.1.0, 3.1.0, 3.1.1, and 3.1.2 is vulnerable to
 CVE-2019-4141
 	RESERVED
 CVE-2019-4140 (IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) c ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4139 (IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1 is vulnerable to cross-s ...)
 	NOT-FOR-US: IBM
 CVE-2019-4138 (IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 could al ...)
@@ -22994,7 +22994,7 @@ CVE-2019-4136 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0
 CVE-2019-4135 (IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a secur ...)
 	NOT-FOR-US: IBM
 CVE-2019-4134 (IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4133
 	RESERVED
 CVE-2019-4132
@@ -23004,7 +23004,7 @@ CVE-2019-4131
 CVE-2019-4130
 	RESERVED
 CVE-2019-4129 (IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remot ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4128
 	RESERVED
 CVE-2019-4127
@@ -23086,9 +23086,9 @@ CVE-2019-4090
 CVE-2019-4089
 	RESERVED
 CVE-2019-4088 (IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allo ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4087 (IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulner ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4086
 	RESERVED
 CVE-2019-4085



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/21bfb3a9e53feb522e7573679438dd443add6b1f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/21bfb3a9e53feb522e7573679438dd443add6b1f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190702/fcd2bd25/attachment.html>

More information about the debian-security-tracker-commits mailing list