[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Jul 16 20:45:57 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
99a64797 by Salvatore Bonaccorso at 2019-07-16T19:45:33Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19139,7 +19139,7 @@ CVE-2019-6824 (A CWE-119: Buffer Errors vulnerability exists in ProClima (all ve
 CVE-2019-6823 (A CWE-94: Code Injection vulnerability exists in ProClima (all version ...)
 	NOT-FOR-US: ProClima
 CVE-2019-6822 (A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 a ...)
-	TODO: check
+	NOT-FOR-US: Zelio Soft 2
 CVE-2019-6821 (CWE-330: Use of Insufficiently Random Values vulnerability, which coul ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2019-6820 (A CWE-306: Missing Authentication for Critical Function vulnerability  ...)
@@ -22609,7 +22609,7 @@ CVE-2019-5449
 CVE-2019-5448
 	RESERVED
 CVE-2019-5447 (A path traversal vulnerability in <= v0.2.6 of http-file-server npm ...)
-	TODO: check
+	NOT-FOR-US: http-file-server Node.js module
 CVE-2019-5446 (Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin  ...)
 	NOT-FOR-US: EdgeSwitch
 CVE-2019-5445 (DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash  ...)
@@ -37732,7 +37732,7 @@ CVE-2015-9274 (HarfBuzz before 1.0.4 allows remote attackers to cause a denial o
 CVE-2019-0235
 	RESERVED
 CVE-2019-0234 (A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache  ...)
-	TODO: check
+	NOT-FOR-US: Apache Roller
 CVE-2019-0233
 	RESERVED
 CVE-2019-0232 (When running on Windows with enableCmdLineArguments enabled, the CGI S ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/99a64797e2f454305f89b10b2bbb17e9816b55fd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/99a64797e2f454305f89b10b2bbb17e9816b55fd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190716/7b1130c6/attachment.html>

More information about the debian-security-tracker-commits mailing list