[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Jul 24 21:19:50 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
63230a58 by Salvatore Bonaccorso at 2019-07-24T20:19:24Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9085,7 +9085,7 @@ CVE-2019-10994
 CVE-2019-10993 (In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointe ...)
 	NOT-FOR-US: WebAccess/SCADA
 CVE-2019-10992 (Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Mu ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics CNCSoft ScreenEditor
 CVE-2019-10991 (In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buf ...)
 	NOT-FOR-US: WebAccess/SCADA
 CVE-2019-10990
@@ -9105,7 +9105,7 @@ CVE-2019-10984
 CVE-2019-10983 (In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vul ...)
 	NOT-FOR-US: WebAccess/SCADA
 CVE-2019-10982 (Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Mu ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics CNCSoft ScreenEditor
 CVE-2019-10981 (In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulner ...)
 	NOT-FOR-US: AVEVA
 CVE-2019-10980
@@ -9133,7 +9133,7 @@ CVE-2019-10970 (In Rockwell Automation PanelView 5510 (all versions manufactured
 CVE-2019-10969
 	RESERVED
 CVE-2019-10968 (Philips Holter 2010 Plus, all versions. A vulnerability has been ident ...)
-	TODO: check
+	NOT-FOR-US: Philips Holter 2010 Plus
 CVE-2019-10967 (In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based  ...)
 	NOT-FOR-US: Emerson
 CVE-2019-10966 (In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exis ...)
@@ -12243,11 +12243,11 @@ CVE-2019-1010195
 CVE-2019-1010194
 	RESERVED
 CVE-2019-1010193 (hisiphp 1.0.8 is affected by: Cross Site Scripting (XSS). ...)
-	TODO: check
+	NOT-FOR-US: hisiphp
 CVE-2019-1010192
 	RESERVED
 CVE-2019-1010191 (marginalia < 1.6 is affected by: SQL Injection. The impact is: The  ...)
-	TODO: check
+	NOT-FOR-US: marginalia
 CVE-2019-1010190 (mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact i ...)
 	TODO: check
 CVE-2019-1010189 (mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impac ...)
@@ -12271,11 +12271,11 @@ CVE-2019-1010181
 CVE-2019-1010180 (GNU gdb All versions is affected by: Buffer Overflow - Out of bound me ...)
 	TODO: check
 CVE-2019-1010179 (PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affe ...)
-	TODO: check
+	NOT-FOR-US: PHKP
 CVE-2019-1010178 (Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access ...)
-	TODO: check
+	NOT-FOR-US: Fred MODX Revolution
 CVE-2019-1010177 (Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: deni ...)
-	TODO: check
+	NOT-FOR-US: Jsish
 CVE-2019-1010176
 	RESERVED
 CVE-2019-1010175
@@ -12303,7 +12303,7 @@ CVE-2019-1010165
 CVE-2019-1010164
 	RESERVED
 CVE-2019-1010163 (Socusoft Co Photo 2 Video Converter 8.0.0 is affected by: Buffer Overf ...)
-	TODO: check
+	NOT-FOR-US: Socusoft Co Photo 2 Video Converter
 CVE-2019-1010162 (jsish 2.4.74 2.0474 is affected by: CWE-476: NULL Pointer Dereference. ...)
 	NOT-FOR-US: Jsish
 CVE-2019-1010161
@@ -28015,7 +28015,7 @@ CVE-2019-3624
 CVE-2019-3623
 	RESERVED
 CVE-2019-3622 (Files or Directories Accessible to External Parties in McAfee Data Los ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2019-3621
 	RESERVED
 CVE-2019-3620
@@ -28069,7 +28069,7 @@ CVE-2019-3597 (Authentication Bypass vulnerability in McAfee Network Security Ma
 CVE-2019-3596
 	RESERVED
 CVE-2019-3595 (Improper Neutralization of Special Elements used in a Command ('Comman ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2019-3594
 	RESERVED
 CVE-2019-3593 (Exploitation of Privilege/Trust vulnerability in Microsoft Windows cli ...)
@@ -28077,7 +28077,7 @@ CVE-2019-3593 (Exploitation of Privilege/Trust vulnerability in Microsoft Window
 CVE-2019-3592 (Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 H ...)
 	NOT-FOR-US: McAfee
 CVE-2019-3591 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2019-3590
 	RESERVED
 CVE-2019-3589
@@ -31262,7 +31262,7 @@ CVE-2019-2863 (Vulnerability in the Oracle VM VirtualBox component of Oracle Vir
 	- virtualbox 6.0.10-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
 CVE-2019-2862 (Vulnerability in the Oracle GraalVM Enterprise Edition component of Or ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2019-2861 (Vulnerability in the Oracle Hyperion Planning component of Oracle Hype ...)
 	NOT-FOR-US: Oracle
 CVE-2019-2860 (Vulnerability in the Oracle Clusterware component of Oracle Support To ...)
@@ -31373,7 +31373,7 @@ CVE-2019-2815 (Vulnerability in the MySQL Server component of Oracle MySQL (subc
 CVE-2019-2814 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
 CVE-2019-2813 (Vulnerability in the Oracle GraalVM Enterprise Edition component of Or ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2019-2812 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
 CVE-2019-2811 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/63230a583e36d5dcb472e02c653e437ff5cb10aa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/63230a583e36d5dcb472e02c653e437ff5cb10aa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190724/0405287c/attachment.html>

More information about the debian-security-tracker-commits mailing list