[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Jun 24 21:29:01 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
680386cc by Salvatore Bonaccorso at 2019-06-24T20:27:16Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,9 +15,9 @@ CVE-2019-12942
 CVE-2019-12941
 	RESERVED
 CVE-2019-12940 (LiveZilla Server before 8.0.1.1 is vulnerable to Denial Of Service (me ...)
-	TODO: check
+	NOT-FOR-US: LiveZilla
 CVE-2019-12939 (LiveZilla Server before 8.0.1.1 is vulnerable to SQL Injection in serv ...)
-	TODO: check
+	NOT-FOR-US: LiveZilla
 CVE-2019-12938 (The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to p ...)
 	TODO: check
 CVE-2018-20843 (In libexpat in Expat before 2.2.7, XML input including XML names that  ...)
@@ -25,7 +25,7 @@ CVE-2018-20843 (In libexpat in Expat before 2.2.7, XML input including XML names
 CVE-2019-12937 (apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow  ...)
 	TODO: check
 CVE-2019-12936 (BlueStacks App Player 2, 3, and 4 before 4.90 allows DNS Rebinding for ...)
-	TODO: check
+	NOT-FOR-US: BlueStacks App Player
 CVE-2019-12934
 	RESERVED
 CVE-2019-12935 (Shopware before 5.5.8 has XSS via the Query String to the backend/Logi ...)
@@ -143,7 +143,7 @@ CVE-2019-12881 (i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_user
 	- linux <undetermined>
 	NOTE: https://gist.github.com/oxagast/472866fb2c3d439e10499d7141d0a520
 CVE-2019-12880 (BCN Quark Quarking Password Manager 3.1.84 suffers from a clickjacking ...)
-	TODO: check
+	NOT-FOR-US: BCN Quark Quarking Password Manager
 CVE-2019-12879
 	RESERVED
 CVE-2019-12878
@@ -164,11 +164,11 @@ CVE-2019-12873
 CVE-2019-12872 (dotCMS before 5.1.6 is vulnerable to a SQL injection that can be explo ...)
 	NOT-FOR-US: dotCMS
 CVE-2019-12871 (An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Wo ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX CONTACT PC Worx
 CVE-2019-12870 (An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Wo ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX CONTACT PC Worx
 CVE-2019-12869 (An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Wo ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX CONTACT PC Worx
 CVE-2019-12868 (app/Model/Server.php in MISP 2.4.109 allows remote command execution b ...)
 	NOT-FOR-US: MISP
 CVE-2019-12867



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/680386cc34b66cbff168436822e824da132d2b21

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/680386cc34b66cbff168436822e824da132d2b21
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190624/620bb3cf/attachment.html>

More information about the debian-security-tracker-commits mailing list