[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Jun 22 13:25:56 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3c528b7b by Salvatore Bonaccorso at 2019-06-22T12:25:29Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -210,7 +210,7 @@ CVE-2019-12838
 CVE-2019-12837
 	RESERVED
 CVE-2019-12836 (The Bobronix JEditor editor before 3.0.6 for Jira allows an attacker t ...)
-	TODO: check
+	NOT-FOR-US: Bobronix JEditor editor for Jira
 CVE-2019-12835 (formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds ...)
 	NOT-FOR-US: Leanify
 CVE-2019-12834
@@ -826,7 +826,7 @@ CVE-2019-12574
 CVE-2019-12573
 	RESERVED
 CVE-2019-12572 (A vulnerability in the London Trust Media Private Internet Access (PIA ...)
-	TODO: check
+	NOT-FOR-US: London Trust Media Private Internet Access (PIA) VPN Client
 CVE-2019-12571
 	RESERVED
 CVE-2019-12570
@@ -3844,7 +3844,7 @@ CVE-2019-11394
 CVE-2019-11393 (An issue was discovered in /admin/users/update in M/Monit before 3.7.3 ...)
 	NOT-FOR-US: M/Monit
 CVE-2019-11392 (BlogEngine.NET 3.3.7 and earlier allows XXE via an apml file to syndic ...)
-	TODO: check
+	NOT-FOR-US: BlogEngine.NET
 CVE-2019-11391 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...)
 	- modsecurity-crs <unfixed> (unimportant; bug #928053)
 	NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1357
@@ -4819,7 +4819,7 @@ CVE-2019-11013
 CVE-2019-11012
 	RESERVED
 CVE-2019-11011 (Akamai CloudTest before 58.30 allows remote code execution. ...)
-	TODO: check
+	NOT-FOR-US: Akamai CloudTest
 CVE-2019-11010 (In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in  ...)
 	{DLA-1755-1}
 	- graphicsmagick 1.4~hg15968-1 (bug #927029)
@@ -5657,11 +5657,11 @@ CVE-2019-10722
 CVE-2019-10721
 	RESERVED
 CVE-2019-10720 (BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remo ...)
-	TODO: check
+	NOT-FOR-US: BlogEngine.NET
 CVE-2019-10719 (BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remo ...)
-	TODO: check
+	NOT-FOR-US: BlogEngine.NET
 CVE-2019-10718 (BlogEngine.NET 3.3.7.0 and earlier allows XML External Entity Blind In ...)
-	TODO: check
+	NOT-FOR-US: BlogEngine.NET
 CVE-2019-10717
 	RESERVED
 CVE-2019-10716
@@ -6585,7 +6585,7 @@ CVE-2019-10272 (An issue was discovered in Weaver e-cology 9.0. There is a CRLF
 CVE-2019-10271
 	RESERVED
 CVE-2019-10270 (An arbitrary password reset issue was discovered in the Ultimate Membe ...)
-	TODO: check
+	NOT-FOR-US: Ultimate Member plugin for WordPress
 CVE-2019-10269 (BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based b ...)
 	- bwa 0.7.17-3 (low; bug #926014)
 	[stretch] - bwa 0.7.15-2+deb9u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3c528b7bd0e32f5f7a2e0e4fd5f7e7660a462da5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3c528b7bd0e32f5f7a2e0e4fd5f7e7660a462da5
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190622/abb7b0ec/attachment.html>


More information about the debian-security-tracker-commits mailing list