[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6fb94030 by Salvatore Bonaccorso at 2019-05-08T14:17:32Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2758,7 +2758,7 @@ CVE-2019-10714 (LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0
 CVE-2019-10713
 	RESERVED
 CVE-2019-10712 (The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831 ...)
-	TODO: check
+	NOT-FOR-US: WAGO Series devices
 CVE-2019-10711 (Incorrect access control in the RTSP stream and web portal on all IP c ...)
 	NOT-FOR-US: IP cameras based on Hisilicon Hi3510 firmware
 CVE-2019-10710 (Insecure permissions in the Web management portal on all IP cameras ba ...)
@@ -3741,7 +3741,7 @@ CVE-2019-1003041 (A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plu
 CVE-2019-1003040 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55  ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2019-10249 (All Xtext & Xtend versions prior to 2.18.0 were built using HTTP i ...)
-	TODO: check
+	NOT-FOR-US: Eclipse Xtext & Xtend
 CVE-2019-10248 (Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts fo ...)
 	NOT-FOR-US: Eclipse Vorto
 CVE-2019-10247 (In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, ...)
@@ -11097,7 +11097,7 @@ CVE-2018-20760 (In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/
 	NOTE: https://github.com/gpac/gpac/commit/4c1360818fc8948e9307059fba4dc47ba8ad255d
 	NOTE: https://github.com/gpac/gpac/issues/1177
 CVE-2019-7541 (Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=use ...)
-	TODO: check
+	NOT-FOR-US: Rukovoditel
 CVE-2019-7540
 	RESERVED
 CVE-2019-7539 (A code injection issue was discovered in ipycache through 2016-05-31. ...)
@@ -16412,15 +16412,15 @@ CVE-2019-5436
 CVE-2019-5435
 	RESERVED
 CVE-2019-5434 (An attacker could send a specifically crafted payload to the XML-RPC i ...)
-	TODO: check
+	NOT-FOR-US: Revive Adserver
 CVE-2019-5433 (A user having access to the UI of a Revive Adserver instance could be  ...)
-	TODO: check
+	NOT-FOR-US: Revive Adserver
 CVE-2019-5432 (A specifically malformed MQTT Subscribe packet crashes MQTT Brokers us ...)
 	TODO: check
 CVE-2019-5431 (This vulnerability was caused by an incomplete fix to CVE-2017-0911. T ...)
 	NOT-FOR-US: Twitter Kit for iOS
 CVE-2019-5430 (In UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, i ...)
-	TODO: check
+	NOT-FOR-US: Ubiquiti Networks UniFi Video
 CVE-2019-5429 (Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacke ...)
 	- filezilla <unfixed> (low; bug #928282)
 	[stretch] - filezilla <no-dsa> (Minor issue)
@@ -65705,9 +65705,9 @@ CVE-2017-18159 (In Android releases from CAF using the linux kernel (Android for
 CVE-2017-18158 (Possible buffer overflows and array out of bounds accesses in Android  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-18157 (A Use After Free Condition can occur in Thermal Engine in Snapdragon A ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2017-18156 (While processing camera buffers in camera driver, a use after free con ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2017-18155 (While playing HEVC content using HD DMB in Snapdragon Automobile and S ...)
 	NOT-FOR-US: Snapdragon
 CVE-2017-18154 (A crafted binder request can cause an arbitrary unmap in MediaServer i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6fb94030fa39fc2302dc541464a098b9393f8006

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6fb94030fa39fc2302dc541464a098b9393f8006
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190508/59497920/attachment.html>