[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed Jul 17 11:17:38 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a8ba97cc by Moritz Muehlenhoff at 2019-07-17T10:17:13Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,10 @@
CVE-2019-13625 (NSA Ghidra before 9.0.1 allows XXE when a project is opened or restore ...)
+ - ghidra <itp> (bug #923851)
TODO: check
CVE-2019-13624 (In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/Y ...)
- TODO: check
+ NOT-FOR-US: ONOS
CVE-2019-13623 (In NSA Ghidra through 9.0.4, path traversal can occur in RestoreTask.j ...)
- TODO: check
+ - ghidra <itp> (bug #923851)
CVE-2019-13622
RESERVED
CVE-2019-13621
@@ -30,7 +31,7 @@ CVE-2019-13614
CVE-2019-13613
RESERVED
CVE-2019-13612 (MDaemon Email Server 19 skips SpamAssassin checks by default for e-mai ...)
- TODO: check
+ NOT-FOR-US: MDaemon Email Server
CVE-2019-13611 (An issue was discovered in python-engineio through 3.8.2. There is a C ...)
- python-engineio <unfixed>
NOTE: https://github.com/miguelgrinberg/python-engineio/issues/128
@@ -10683,23 +10684,23 @@ CVE-2019-1010299 (The Rust Programming Language Standard Library 1.18.0 and late
NOTE: https://github.com/rust-lang/rust/issues/53566
NOTE: https://github.com/rust-lang/rust/pull/53571/commits/b85e4cc8fadaabd41da5b9645c08c68b8f89908d
CVE-2019-1010298 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
- TODO: check
+ NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010297 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
- TODO: check
+ NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010296 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
- TODO: check
+ NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010295 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
- TODO: check
+ NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010294 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. ...)
- TODO: check
+ NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010293 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossi ...)
- TODO: check
+ NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010292 (Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary ...)
- TODO: check
+ NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010291
RESERVED
CVE-2019-1010290 (Babel: Multilingual site Babel All is affected by: Open Redirection. T ...)
- TODO: check
+ NOT-FOR-US: Babel: Multilingual
CVE-2019-1010289
RESERVED
CVE-2019-1010288
@@ -11199,7 +11200,7 @@ CVE-2019-1010046
CVE-2019-1010045
RESERVED
CVE-2019-1010044 (borg-reducer c6d5240 is affected by: Buffer Overflow. The impact is: P ...)
- TODO: check
+ NOT-FOR-US: borg-reducer
CVE-2019-1010043 (Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: P ...)
TODO: check
CVE-2019-1010042
@@ -11212,7 +11213,7 @@ CVE-2019-1010040
CVE-2019-1010039 (uLaunchELF < commit 170827a is affected by: Buffer Overflow. The im ...)
NOT-FOR-US: uLaunchELF
CVE-2019-1010038 (OpenModelica OMCompiler is affected by: Buffer Overflow. The impact is ...)
- TODO: check
+ NOT-FOR-US: OpenModelica OMCompiler
CVE-2019-1010037
RESERVED
CVE-2019-1010036
@@ -26780,7 +26781,7 @@ CVE-2019-3572 (An issue was discovered in libming 0.4.8. There is a heap-based b
- ming <removed>
NOTE: https://github.com/libming/libming/issues/169
CVE-2019-3571 (An input validation issue affected WhatsApp Desktop versions prior to ...)
- TODO: check
+ NOT-FOR-US: WhatsApp Desktop
CVE-2019-3570
RESERVED
- hhvm <removed>
@@ -34200,7 +34201,7 @@ CVE-2018-19631
CVE-2018-19630 (cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE throu ...)
NOT-FOR-US: uhttpd (in OpenWRT and LEDE)
CVE-2018-19629 (A Denial of Service vulnerability in the ImageNow Server service in Hy ...)
- TODO: check
+ NOT-FOR-US: Hyland Perceptive Content Server
CVE-2018-19628 (In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. Thi ...)
{DSA-4359-1}
- wireshark 2.6.5-1
@@ -35204,7 +35205,7 @@ CVE-2019-1074 (An elevation of privilege vulnerability exists in Microsoft Windo
CVE-2019-1073 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1072 (A remote code execution vulnerability exists when Azure DevOps Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1071 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1070
@@ -35427,7 +35428,7 @@ CVE-2019-0964
CVE-2019-0963 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2019-0962 (An elevation of privilege vulnerability exists in Azure Automation "Ru ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0961 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0960 (An elevation of privilege vulnerability exists in Windows when the Win ...)
@@ -35621,7 +35622,7 @@ CVE-2019-0867 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevO
CVE-2019-0866 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
NOT-FOR-US: Microsoft
CVE-2019-0865 (A denial of service vulnerability exists when SymCrypt improperly hand ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0864 (A denial of service vulnerability exists when .NET Framework improperl ...)
NOT-FOR-US: .NET Framework
CVE-2019-0863 (An elevation of privilege vulnerability exists in the way Windows Erro ...)
@@ -53317,7 +53318,7 @@ CVE-2018-13444 (An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerab
CVE-2018-13443 (EOS.IO jit-wasm 4.1 has a heap-based buffer overflow via a crafted was ...)
NOT-FOR-US: EOS.IO jit-wasm
CVE-2018-13442 (SolarWinds Network Performance Monitor 12.3 allows SQL Injection via t ...)
- TODO: check
+ NOT-FOR-US: SolarWinds Network Performance Monitor
CVE-2018-13441 (qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL po ...)
- nagios4 4.3.4-3 (low; bug #917160)
NOTE: https://gist.github.com/fakhrizulkifli/8df4a174158df69ebd765f824bd736b8
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8ba97cc426fbfe7b6633a2e7e321666cec8d999
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8ba97cc426fbfe7b6633a2e7e321666cec8d999
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190717/b877c4b0/attachment.html>
More information about the debian-security-tracker-commits
mailing list