[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Jul 3 09:18:22 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0b8c0bf6 by Salvatore Bonaccorso at 2019-07-03T08:17:55Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5592,7 +5592,7 @@ CVE-2019-10977 (In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-1
 CVE-2019-10976
 	RESERVED
 CVE-2019-10975 (An out-of-bounds read vulnerability has been identified in Fuji Electr ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric
 CVE-2019-10974
 	RESERVED
 CVE-2019-10973
@@ -17325,15 +17325,15 @@ CVE-2019-6626
 CVE-2019-6625
 	RESERVED
 CVE-2019-6624 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1. ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6623 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1. ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6622 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12 ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6621 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12 ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6620 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12 ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6619 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Tra ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6618 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
@@ -47109,11 +47109,11 @@ CVE-2018-14889 (CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 c
 CVE-2018-14888 (inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin be ...)
 	NOT-FOR-US: Eldenroot Thank You/Like plugin for MyBB
 CVE-2018-14887 (Improper Host header sanitization in the dbfilter routing component in ...)
-	TODO: check
+	NOT-FOR-US: Odoo
 CVE-2018-14886 (The module-description renderer in Odoo Community 11.0 and earlier and ...)
-	TODO: check
+	NOT-FOR-US: Odoo
 CVE-2018-14885 (Incorrect access control in the database manager component in Odoo Com ...)
-	TODO: check
+	NOT-FOR-US: Odoo
 CVE-2018-14884 (An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.1 ...)
 	- php7.2 7.2.1-1
 	- php7.1 7.1.13-1
@@ -47177,9 +47177,9 @@ CVE-2018-14870
 CVE-2018-14869 (PHP Template Store Script 3.0.6 allows XSS via the Address line 1, Add ...)
 	NOT-FOR-US: PHP Template Store Script
 CVE-2018-14868 (Incorrect access control in the Password Encryption module in Odoo Com ...)
-	TODO: check
+	NOT-FOR-US: Odoo
 CVE-2018-14867 (Incorrect access control in the portal messaging system in Odoo Commun ...)
-	TODO: check
+	NOT-FOR-US: Odoo
 CVE-2018-14866
 	RESERVED
 CVE-2018-14865
@@ -106380,7 +106380,7 @@ CVE-2017-11582 (dayrui FineCms 5.0.9 has SQL Injection via the num parameter in
 CVE-2017-11581 (dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in admin/Login.php ...)
 	NOT-FOR-US: FineCms
 CVE-2017-11580 (Blipcare Wifi blood pressure monitor BP700 10.1 devices allow memory c ...)
-	TODO: check
+	NOT-FOR-US: Blipcare Wifi blood pressure monitor BP700 10.1 devices
 CVE-2017-11579 (In the most recent firmware for Blipcare, the device provides an open  ...)
 	TODO: check
 CVE-2017-11578 (It was discovered as a part of the research on IoT devices in the most ...)
@@ -115854,33 +115854,33 @@ CVE-2017-8418 (RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowin
 	NOTE: https://github.com/bbatsov/rubocop/issues/4336
 	NOTE: https://github.com/bbatsov/rubocop/commit/dcb258fabd5f2624c1ea0e1634763094590c09d7
 CVE-2017-8417 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The d ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8416 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The d ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8415 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The d ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8414 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The b ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8413 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The d ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8412 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The d ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8411 (An issue was discovered on D-Link DCS-1130 devices. The device provide ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8410 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The b ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8409 (An issue was discovered on D-Link DCS-1130 devices. The device require ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8408 (An issue was discovered on D-Link DCS-1130 devices. The device provide ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8407 (An issue was discovered on D-Link DCS-1130 devices. The device provide ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8406 (An issue was discovered on D-Link DCS-1130 devices. The device provide ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8405 (An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The b ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8404 (An issue was discovered on D-Link DCS-1130 devices. The device provide ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-8403 (360fly 4K cameras allow unauthenticated Wi-Fi password changes and com ...)
 	NOT-FOR-US: 360fly
 CVE-2017-8402 (PivotX 2.3.11 allows remote authenticated users to execute arbitrary P ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b8c0bf662a04e02bcd210b8ba00efad3f834b26

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b8c0bf662a04e02bcd210b8ba00efad3f834b26
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190703/d6ef001f/attachment.html>

More information about the debian-security-tracker-commits mailing list