[Git][security-tracker-team/security-tracker][master] 2 commits: Slightly change order of source package entries

Tue Jun 25 22:08:04 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d584b38f by Salvatore Bonaccorso at 2019-06-25T21:02:00Z
Slightly change order of source package entries

- - - - -
749aa20e by Salvatore Bonaccorso at 2019-06-25T21:07:21Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53,7 +53,7 @@ CVE-2019-12940 (LiveZilla Server before 8.0.1.1 is vulnerable to Denial Of Servi
 CVE-2019-12939 (LiveZilla Server before 8.0.1.1 is vulnerable to SQL Injection in serv ...)
 	NOT-FOR-US: LiveZilla
 CVE-2019-12938 (The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to p ...)
-	TODO: check
+	NOT-FOR-US: Roundcube component of Analogic Poste.io
 CVE-2018-20843 (In libexpat in Expat before 2.2.7, XML input including XML names that  ...)
 	- expat 2.2.6-2 (bug #931031)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226
@@ -5822,7 +5822,7 @@ CVE-2019-10691 (The JSON encoder in Dovecot before 2.3.5.2 allows attackers to r
 CVE-2019-10690
 	RESERVED
 CVE-2019-10689 (VVX products using UCS software version 5.9.2 and earlier with Better  ...)
-	TODO: check
+	NOT-FOR-US: VVX products using UCS software
 CVE-2019-10688 (VVX products with software versions including and prior to, UCS 5.9.2  ...)
 	NOT-FOR-US: VVX products using UCS
 CVE-2019-10687
@@ -17497,9 +17497,9 @@ CVE-2019-6331
 CVE-2019-6330
 	RESERVED
 CVE-2019-6329 (HP Support Assistant 8.7.50 and earlier allows a user to gain system p ...)
-	TODO: check
+	NOT-FOR-US: HP Support Assistant
 CVE-2019-6328 (HP Support Assistant 8.7.50 and earlier allows a user to gain system p ...)
-	TODO: check
+	NOT-FOR-US: HP Support Assistant
 CVE-2019-6327 (HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v ...)
 	NOT-FOR-US: HP
 CVE-2019-6326 (HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v ...)
@@ -23355,9 +23355,9 @@ CVE-2019-3812 (QEMU, through version 2.10 and through version 3.1.0, is vulnerab
 	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=78c71af8049c40657b646d9dd722867fa15c0f1b
 CVE-2019-3811 (A vulnerability was found in sssd. If a user was configured with no ho ...)
 	{DLA-1635-1}
+	- sssd <unfixed> (bug #919051)
 	[buster] - sssd <no-dsa> (Minor issue)
 	[stretch] - sssd <no-dsa> (Minor issue)
-	- sssd <unfixed> (bug #919051)
 	NOTE: Upstream ticket: https://pagure.io/SSSD/sssd/issue/3901
 	NOTE: Pull request: https://github.com/SSSD/sssd/pull/703
 	NOTE: Fixed by: https://github.com/SSSD/sssd/commit/90f32399b4100ce39cf665649fde82d215e5eb49 (master)
@@ -57717,9 +57717,9 @@ CVE-2018-10853 (A flaw was found in the way Linux kernel KVM hypervisor before 4
 	NOTE: Fixed by: https://git.kernel.org/linus/3c9fa24ca7c9c47605672916491f79e8ccacb9e6
 CVE-2018-10852 (The UNIX pipe which sudo uses to contact SSSD and read the available s ...)
 	{DLA-1429-1}
+	- sssd <unfixed> (bug #902860)
 	[buster] - sssd <no-dsa> (Minor issue)
 	[stretch] - sssd <no-dsa> (Minor issue)
-	- sssd <unfixed> (bug #902860)
 	NOTE: https://pagure.io/SSSD/sssd/issue/3766
 CVE-2018-10851 (PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4. ...)
 	- pdns 4.1.5-1 (bug #913163)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c4033775c5141833ea637b88b4fb427fd1c725b8...749aa20e94da55d10a1460433fb353ff1e55f4af

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c4033775c5141833ea637b88b4fb427fd1c725b8...749aa20e94da55d10a1460433fb353ff1e55f4af
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190625/81dfe8ac/attachment.html>
