[Git][security-tracker-team/security-tracker][master] Process NFUs

Wed Jun 12 21:21:15 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
60928036 by Salvatore Bonaccorso at 2019-06-12T20:20:49Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16,7 +16,7 @@ CVE-2016-10760 (On Seowon Intech routers, there is a Command Injection vulnerabi
 CVE-2013-7471 (An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-8 ...)
 	NOT-FOR-US: D-Link
 CVE-2010-5330 (On certain Ubiquiti devices, Command Injection exists via a GET reques ...)
-	TODO: check
+	NOT-FOR-US: Ubiquiti
 CVE-2009-5157 (On Linksys WAG54G2 1.00.10 devices, there is authenticated command inj ...)
 	NOT-FOR-US: Linksys
 CVE-2009-5156 (An issue was discovered on ASMAX AR-804gu 66.34.1 devices. There is Co ...)
@@ -1616,13 +1616,13 @@ CVE-2019-12148
 CVE-2019-12147
 	RESERVED
 CVE-2019-12146 (A Directory Traversal issue was discovered in SSHServerAPI.dll in Prog ...)
-	TODO: check
+	NOT-FOR-US: Progress ipswitch WS_FTP Server
 CVE-2019-12145 (A Directory Traversal issue was discovered in SSHServerAPI.dll in Prog ...)
-	TODO: check
+	NOT-FOR-US: Progress ipswitch WS_FTP Server
 CVE-2019-12144 (An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FT ...)
-	TODO: check
+	NOT-FOR-US: Progress ipswitch WS_FTP Server
 CVE-2019-12143 (A Directory Traversal issue was discovered in SSHServerAPI.dll in Prog ...)
-	TODO: check
+	NOT-FOR-US: Progress ipswitch WS_FTP Server
 CVE-2019-12142
 	RESERVED
 CVE-2019-12141
@@ -3619,7 +3619,7 @@ CVE-2019-11336 (Sony Bravia Smart TV devices allow remote attackers to retrieve
 CVE-2019-11335
 	RESERVED
 CVE-2019-11334 (An authentication bypass in website post requests in the Tzumi Electro ...)
-	TODO: check
+	NOT-FOR-US: Tzumi Electronics Klic Lock application for mobile devices
 CVE-2019-11333
 	RESERVED
 CVE-2019-11332 (MKCMS 5.0 allows remote attackers to take over arbitrary user accounts ...)
@@ -4523,7 +4523,7 @@ CVE-2019-10973
 CVE-2019-10972
 	RESERVED
 CVE-2019-10971 (The application (Network Configurator for DeviceNet Safety 3.41 and pr ...)
-	TODO: check
+	NOT-FOR-US: Omron
 CVE-2019-10970
 	RESERVED
 CVE-2019-10969
@@ -4613,9 +4613,9 @@ CVE-2019-10928
 CVE-2019-10927
 	RESERVED
 CVE-2019-10926 (A vulnerability has been identified in SIMATIC Ident MV420 family (All ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2019-10925 (A vulnerability has been identified in SIMATIC Ident MV420 family (All ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2019-10924 (A vulnerability has been identified in LOGO! Soft Comfort (All version ...)
 	NOT-FOR-US: Siemens
 CVE-2019-10923
@@ -6484,7 +6484,7 @@ CVE-2019-10158
 	RESERVED
 	NOT-FOR-US: infinispan
 CVE-2019-10157 (It was found that Keycloak's Node.js adapter before version 4.8.3 did  ...)
-	TODO: check
+	NOT-FOR-US: Keycloak
 CVE-2019-10156 [templating causing an unexpected key file to be set on remote node]
 	RESERVED
 	- ansible <unfixed> (bug #930065)
@@ -8549,7 +8549,7 @@ CVE-2019-9678
 CVE-2019-9677
 	RESERVED
 CVE-2019-9676 (Buffer overflow vulnerability found in some Dahua IP Camera devices IP ...)
-	TODO: check
+	NOT-FOR-US: Dahua IP Camera devices
 CVE-2019-9675 (** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7. ...)
 	{DSA-4403-1}
 	- php7.3 7.3.3-1 (unimportant)
@@ -16247,7 +16247,7 @@ CVE-2019-6586
 CVE-2019-6585
 	RESERVED
 CVE-2019-6584 (A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2019-6583
 	RESERVED
 CVE-2019-6582 (A vulnerability has been identified in Siveillance VMS 2017 R2 (All ve ...)
@@ -16273,7 +16273,7 @@ CVE-2019-6573
 CVE-2019-6572 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...)
 	NOT-FOR-US: Siemens
 CVE-2019-6571 (A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2019-6570 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
 	NOT-FOR-US: Siemens
 CVE-2019-6569 (A vulnerability has been identified in Scalance X-200 (All versions &l ...)
@@ -22260,9 +22260,9 @@ CVE-2019-3949
 CVE-2019-3948
 	RESERVED
 CVE-2019-3947 (Fuji Electric V-Server before 6.0.33.0 stores database credentials in  ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric V-Server
 CVE-2019-3946 (Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial of serv ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric V-Server
 CVE-2019-3945
 	RESERVED
 CVE-2019-3944
@@ -22487,9 +22487,9 @@ CVE-2019-3874 (The SCTP socket buffer used by a userspace application is not acc
 	[jessie] - linux <ignored> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1686373
 CVE-2019-3873 (It was found that Picketlink as shipped with Jboss Enterprise Applicat ...)
-	TODO: check
+	NOT-FOR-US: Picketlink
 CVE-2019-3872 (It was found that a SAMLRequest containing a script could be processed ...)
-	TODO: check
+	NOT-FOR-US: Picketlink
 CVE-2019-3871 (A vulnerability was found in PowerDNS Authoritative Server before 4.0. ...)
 	{DSA-4424-1 DLA-1737-1}
 	- pdns 4.1.6-2 (bug #924966)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6092803611199bc51c32ede667667a0918a90536

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6092803611199bc51c32ede667667a0918a90536
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190612/27fed0fd/attachment.html>
