[Git][security-tracker-team/security-tracker][master] NFUs

Thu Jun 20 07:28:50 BST 2019


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9cef5dfb by Moritz Muehlenhoff at 2019-06-20T06:28:20Z
NFUs
kfreebsd n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,7 +23,6 @@ CVE-2019-12882
 CVE-2019-12881 (i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c  ...)
 	- linux <undetermined>
 	NOTE: https://gist.github.com/oxagast/472866fb2c3d439e10499d7141d0a520
-	TODO: check
 CVE-2019-12880
 	RESERVED
 CVE-2019-12879
@@ -35,7 +34,7 @@ CVE-2019-12877
 CVE-2019-12876
 	RESERVED
 CVE-2019-12875 (Alpine Linux abuild through 3.4.0 allows an unprivileged member of the ...)
-	TODO: check
+	NOT-FOR-US: Alpine Linux
 CVE-2019-12874 (An issue was discovered in zlib_decompress_extra in modules/demux/mkv/ ...)
 	{DSA-4459-1}
 	- vlc 3.0.7-1
@@ -206,7 +205,7 @@ CVE-2019-12802 (In radare2 through 3.5.1, the rcc_context function of libr/egg/e
 	[jessie] - radare2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/radare/radare2/issues/14296
 CVE-2019-12801 (out/out.GroupMgr.php in SeedDMS 5.1.11 has Stored XSS by making a new  ...)
-	TODO: check
+	NOT-FOR-US: SeedDMS
 CVE-2019-12800
 	RESERVED
 CVE-2019-12819 (An issue was discovered in the Linux kernel before 5.0. The function _ ...)
@@ -1021,7 +1020,7 @@ CVE-2019-12458 (FileRun 2019.05.21 allows css/ext-ux Directory Listing. ...)
 CVE-2019-12457 (FileRun 2019.05.21 allows images/extjs Directory Listing. ...)
 	NOT-FOR-US: FileRun
 CVE-2018-20840 (An unhandled exception vulnerability exists during Google Sign-In with ...)
-	TODO: check
+	NOT-FOR-US: Google Sign-In
 CVE-2019-12499 (Firejail before 0.9.60 allows truncation (resizing to length 0) of the ...)
 	- firejail 0.9.58.2-2 (bug #929733)
 	NOTE: https://github.com/netblue30/firejail/issues/2401
@@ -1860,7 +1859,7 @@ CVE-2018-20839 (systemd 242 changes the VT1 mode upon a logout, which allows att
 	NOTE: The fix introduced a regression, cf. https://bugs.debian.org/929229
 	NOTE: Issue was originally fixed for unstable in 241-4 but was reverted in 241-5
 CVE-2019-12149 (SQL injection vulnerability in silverstripe/restfulserver module 1.0.x ...)
-	TODO: check
+	NOT-FOR-US: SilverStripe
 CVE-2019-12148
 	RESERVED
 CVE-2019-12147
@@ -19198,6 +19197,7 @@ CVE-2019-5600
 	RESERVED
 CVE-2019-5599
 	RESERVED
+	- kfreebsd-10 <not-affected> (Only affects FreeBSD 12)
 CVE-2019-5598 (In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, ...)
 	- kfreebsd-10 <unfixed> (unimportant)
 	NOTE: https://security.FreeBSD.org/advisories/FreeBSD-SA-19:06.pf.asc



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9cef5dfb779ed5a2f172269d9e8b475acb679725

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9cef5dfb779ed5a2f172269d9e8b475acb679725
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190620/4773940e/attachment.html>
