[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Sun Mar 31 07:59:10 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
88ea83a9 by Salvatore Bonaccorso at 2019-03-31T06:58:45Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,7 +21,7 @@ CVE-2019-10654 (The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as us
CVE-2019-10653
RESERVED
CVE-2019-10652 (An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote a ...)
- TODO: check
+ NOT-FOR-US: flatCore
CVE-2019-10651
RESERVED
CVE-2019-10650 (In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in ...)
@@ -7828,7 +7828,7 @@ CVE-2019-7615
CVE-2019-7614
RESERVED
CVE-2019-7613 (Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient loggin ...)
- TODO: check
+ NOT-FOR-US: Winlogbeat
CVE-2019-7612 (A sensitive data disclosure flaw was found in the way Logstash version ...)
- logstash <itp> (bug #664841)
CVE-2019-7611 (A permission issue was found in Elasticsearch versions before 5.6.15 a ...)
@@ -10667,7 +10667,7 @@ CVE-2019-6483
CVE-2019-6482
RESERVED
CVE-2019-6481 (Abine Blur 7.8.2431 allows remote attackers to conduct "Second-Factor ...)
- TODO: check
+ NOT-FOR-US: Abine Blur
CVE-2019-6480
RESERVED
CVE-2019-6479
@@ -28629,7 +28629,7 @@ CVE-2018-19203 (PRTG Network Monitor before 18.2.41.1652 allows remote unauthent
CVE-2018-19202
RESERVED
CVE-2018-19201 (A reflected XSS vulnerability in the ModCP Profile Editor in MyBB befo ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2018-19200 (An issue was discovered in uriparser before 0.9.0. UriCommon.c allows ...)
{DLA-1581-1}
- uriparser 0.9.0-1 (bug #913817)
@@ -29673,7 +29673,7 @@ CVE-2018-18768
CVE-2018-18767 (An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. ...)
NOT-FOR-US: D-Link
CVE-2018-18766 (An elevation of privilege vulnerability exists in the Call Dispatcher ...)
- TODO: check
+ NOT-FOR-US: Provisio SiteKiosk
CVE-2018-18765 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
- smplayer 18.5.0~ds1-1
[stretch] - smplayer <not-affected> (Vulnerable code not present)
@@ -62859,7 +62859,7 @@ CVE-2017-18113
CVE-2017-18112
RESERVED
CVE-2017-18111 (The OAuthHelper in Atlassian Application Links before version 5.0.10, ...)
- TODO: check
+ NOT-FOR-US: Atlassian Application Links
CVE-2017-18110 (The administration backup restore resource in Atlassian Crowd before v ...)
NOT-FOR-US: Atlassian Crowd
CVE-2017-18109 (The login resource of CrowdId in Atlassian Crowd before version 3.0.2 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/88ea83a9156a18d38bed78647737ca4be620a979
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/88ea83a9156a18d38bed78647737ca4be620a979
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190331/2384e5a0/attachment.html>
More information about the debian-security-tracker-commits
mailing list