[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a5897ce by Moritz Muehlenhoff at 2019-07-18T10:06:14Z
NFUs
ioquake non-issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2019-13647 (Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of ...)
-	TODO: check
+	NOT-FOR-US: Firefly
 CVE-2019-13646 (Firefly III before 4.7.17.3 is vulnerable to reflected XSS due to lack ...)
-	TODO: check
+	NOT-FOR-US: Firefly
 CVE-2019-13645 (Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of ...)
-	TODO: check
+	NOT-FOR-US: Firefly
 CVE-2019-13644 (Firefly III before 4.7.17.1 is vulnerable to stored XSS due to lack of ...)
-	TODO: check
+	NOT-FOR-US: Firefly
 CVE-2019-13643 (Stored XSS in EspoCRM before 5.6.4 allows remote attackers to execute  ...)
 	NOT-FOR-US: EspoCRM
 CVE-2019-13642
@@ -2804,13 +2804,13 @@ CVE-2019-12916
 CVE-2019-12915
 	RESERVED
 CVE-2019-12914 (Redbrick Shift through 3.4.3 allows an attacker to extract authenticat ...)
-	TODO: check
+	NOT-FOR-US: Redbrick Shift
 CVE-2019-12913 (Redbrick Shift through 3.4.3 allows an attacker to extract emails of s ...)
-	TODO: check
+	NOT-FOR-US: Redbrick Shift
 CVE-2019-12912 (Redbrick Shift through 3.4.3 allows an attacker to extract emails of s ...)
-	TODO: check
+	NOT-FOR-US: Redbrick Shift
 CVE-2019-12911 (Redbrick Shift through 3.4.3 allows an attacker to extract authenticat ...)
-	TODO: check
+	NOT-FOR-US: Redbrick Shift
 CVE-2019-12910
 	RESERVED
 CVE-2019-12909
@@ -11256,7 +11256,10 @@ CVE-2019-1010045
 CVE-2019-1010044 (borg-reducer c6d5240 is affected by: Buffer Overflow. The impact is: P ...)
 	NOT-FOR-US: borg-reducer
 CVE-2019-1010043 (Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: P ...)
-	TODO: check
+	- ioquake3 <unfixed> (unimportant)
+	NOTE: https://github.com/ec-/Quake3e/issues/9
+	NOTE: https://github.com/ec-/Quake3e/commit/fea3c4144c7b325634cdf638d1582c772a2db3bd
+	NOTE: No security impact
 CVE-2019-1010042
 	REJECTED
 	NOT-FOR-US: CouchCMS
@@ -14121,9 +14124,9 @@ CVE-2019-8935 (Collabtive 3.1 allows XSS via the manageuser.php?action=profile i
 	- collabtive <removed>
 	[jessie] - collabtive <ignored> (Minor issue)
 CVE-2019-8932 (Redbrick Shift through 3.4.3 allows an attacker to extract authenticat ...)
-	TODO: check
+	NOT-FOR-US: Redbrick Shift
 CVE-2019-8931 (Redbrick Shift through 3.4.3 allows an attacker to extract emails of s ...)
-	TODO: check
+	NOT-FOR-US: Redbrick Shift
 CVE-2019-8930
 	RESERVED
 CVE-2019-8929 (An issue was discovered in Zoho ManageEngine Netflow Analyzer Professi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0a5897cef27a4648e73fa7136743e778b0240a2c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0a5897cef27a4648e73fa7136743e778b0240a2c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190718/5b937596/attachment.html>