[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Jun 18 21:26:43 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d5f589ab by Salvatore Bonaccorso at 2019-06-18T20:26:04Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2019-12874 (An issue was discovered in zlib_decompress_extra in modules/demu
 CVE-2019-12873
 	RESERVED
 CVE-2019-12872 (dotCMS before 5.1.6 is vulnerable to a SQL injection that can be explo ...)
-	TODO: check
+	NOT-FOR-US: dotCMS
 CVE-2019-12871
 	RESERVED
 CVE-2019-12870
@@ -13,7 +13,7 @@ CVE-2019-12870
 CVE-2019-12869
 	RESERVED
 CVE-2019-12868 (app/Model/Server.php in MISP 2.4.109 allows remote command execution b ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2019-12867
 	RESERVED
 CVE-2019-12866
@@ -111,7 +111,7 @@ CVE-2019-12825
 CVE-2019-12824
 	RESERVED
 CVE-2019-12823 (Craft CMS 3.1.30 has XSS. ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2019-12822 (In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a he ...)
 	NOT-FOR-US: Embedthis GoAhead
 CVE-2019-12821
@@ -4698,9 +4698,9 @@ CVE-2019-11000 (An issue was discovered in GitLab Enterprise Edition before 11.7
 CVE-2019-10999 (The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer o ...)
 	NOT-FOR-US: D-Link
 CVE-2019-10998 (An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) bef ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Contact
 CVE-2019-10997 (An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) bef ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Contact
 CVE-2019-10996
 	RESERVED
 CVE-2019-10995
@@ -13938,7 +13938,7 @@ CVE-2019-7590
 CVE-2019-7589
 	RESERVED
 CVE-2019-7588 (A vulnerability in the exacqVision Enterprise System Manager (ESM) v5. ...)
-	TODO: check
+	NOT-FOR-US: exacqVision Enterprise System Manager
 CVE-2019-7587 (Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/co ...)
 	NOT-FOR-US: Bo-blog Wind
 CVE-2019-7586
@@ -15174,7 +15174,7 @@ CVE-2019-7161 (An issue was discovered in Zoho ManageEngine ADSelfService Plus 5
 CVE-2019-7160 (idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Trav ...)
 	NOT-FOR-US: idreamsoft iCMS
 CVE-2019-7159 (OX App Suite 7.10.1 and earlier allows Information Exposure. ...)
-	TODO: check
+	NOT-FOR-US: Open-Xchange App Suite
 CVE-2019-7158 (OX App Suite 7.10.0 and earlier has Incorrect Access Control. ...)
 	NOT-FOR-US: Open-Xchange App Suite
 CVE-2019-7157
@@ -15659,7 +15659,7 @@ CVE-2019-6967 (AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF. ...)
 CVE-2019-6966 (An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in ...)
 	NOT-FOR-US: Bento4
 CVE-2019-6965 (An XSS issue was discovered in i-doit Open 1.12 via the src/tools/php/ ...)
-	TODO: check
+	NOT-FOR-US: i-doit
 CVE-2019-6964
 	RESERVED
 CVE-2019-6963
@@ -22121,7 +22121,7 @@ CVE-2019-4144
 CVE-2019-4143 (The IBM Cloud Private Key Management Service (IBM Cloud Private 3.1.1  ...)
 	NOT-FOR-US: IBM
 CVE-2019-4142 (IBM Cloud Private 2.1.0, 3.1.0, 3.1.1, and 3.1.2 is vulnerable to cros ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4141
 	RESERVED
 CVE-2019-4140



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d5f589abc38a18f3f1ef7099c7fe00d402f9cf76

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d5f589abc38a18f3f1ef7099c7fe00d402f9cf76
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190618/282c60c5/attachment.html>

More information about the debian-security-tracker-commits mailing list