[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Jul 15 21:22:55 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
df5ef5cb by Salvatore Bonaccorso at 2019-07-15T20:22:06Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -321,7 +321,7 @@ CVE-2014-1039
 CVE-2014-1038
 	RESERVED
 CVE-2014-10374 (On Fitbit activity-tracker devices, certain addresses never change. Ac ...)
-	TODO: check
+	NOT-FOR-US: Fitbit activity-tracker devices
 CVE-2014-10373
 	RESERVED
 CVE-2014-10372
@@ -10600,15 +10600,15 @@ CVE-2019-1010310 (GLPI GLPI Product 9.3.1 is affected by: Frame and Form tags In
 CVE-2019-1010309
 	REJECTED
 CVE-2019-1010308 (Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Inc ...)
-	TODO: check
+	NOT-FOR-US: Aquaverde GmbH Aquarius CMS
 CVE-2019-1010307 (GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting (XSS). Th ...)
 	TODO: check
 CVE-2019-1010306 (Slanger 0.6.0 is affected by: Remote Code Execution (RCE). The impact  ...)
-	TODO: check
+	NOT-FOR-US: Slanger
 CVE-2019-1010305 (libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: I ...)
 	TODO: check
 CVE-2019-1010304 (Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f ...)
-	TODO: check
+	NOT-FOR-US: Mirumee Saleor
 CVE-2019-1010303
 	RESERVED
 CVE-2019-1010302 (jhead 3.03 is affected by: Incorrect Access Control. The impact is: De ...)
@@ -11132,7 +11132,7 @@ CVE-2019-1010044 (borg-reducer c6d5240 is affected by: Buffer Overflow. The impa
 CVE-2019-1010043
 	RESERVED
 CVE-2019-1010042 (couchcms 2 is affected by: Web Site physical path leakage. The impact  ...)
-	TODO: check
+	NOT-FOR-US: CouchCMS
 CVE-2019-1010041
 	RESERVED
 CVE-2019-1010040
@@ -11148,7 +11148,7 @@ CVE-2019-1010036
 CVE-2019-1010035
 	RESERVED
 CVE-2019-1010034 (Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL  ...)
-	TODO: check
+	NOT-FOR-US: Deepwoods Software WebLibrarian
 CVE-2019-1010033
 	RESERVED
 CVE-2019-1010032
@@ -35056,35 +35056,35 @@ CVE-2019-1098
 CVE-2019-1097 (An information disclosure vulnerability exists when DirectWrite improp ...)
 	TODO: check
 CVE-2019-1096 (An information disclosure vulnerability exists when the win32k compone ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1095 (An information disclosure vulnerability exists when the Windows GDI co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1094 (An information disclosure vulnerability exists when the Windows GDI co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1093 (An information disclosure vulnerability exists when DirectWrite improp ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1092 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1091 (An information disclosure vulnerability exists when Unistore.dll fails ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1090 (An elevation of privilege vulnerability exists in the way that the dns ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1089 (An elevation of privilege vulnerability exists in rpcss.dll when the R ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1088 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1087 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1086 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1085 (An elevation of privilege vulnerability exists in the way that the wla ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1084 (An information disclosure vulnerability exists when Exchange allows cr ...)
 	TODO: check
 CVE-2019-1083 (A denial of service vulnerability exists when Microsoft Common Object  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1082 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1081 (An information disclosure vulnerability exists when affected Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1080 (A remote code execution vulnerability exists in the way the scripting  ...)
@@ -35100,9 +35100,9 @@ CVE-2019-1076 (A Cross-site Scripting (XSS) vulnerability exists when Team Found
 CVE-2019-1075 (A spoofing vulnerability exists in ASP.NET Core that could lead to an  ...)
 	TODO: check
 CVE-2019-1074 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1073 (An information disclosure vulnerability exists when the Windows kernel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1072 (A remote code execution vulnerability exists when Azure DevOps Server  ...)
 	TODO: check
 CVE-2019-1071 (An information disclosure vulnerability exists when the Windows kernel ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/df5ef5cb74c62ba90e4b8dbbfab67d5aa2923d81

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/df5ef5cb74c62ba90e4b8dbbfab67d5aa2923d81
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190715/53fb6ea9/attachment.html>

More information about the debian-security-tracker-commits mailing list