[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed May 8 21:19:01 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
03420796 by Salvatore Bonaccorso at 2019-05-08T20:18:35Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,19 +19,19 @@ CVE-2019-11821
 CVE-2019-11820
 	RESERVED
 CVE-2019-11819 (Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro ...)
-	TODO: check
+	NOT-FOR-US: Alkacon OpenCMS
 CVE-2019-11818 (Alkacon OpenCMS v10.5.4 and before is affected by stored cross site sc ...)
-	TODO: check
+	NOT-FOR-US: Alkacon OpenCMS
 CVE-2019-11817
 	RESERVED
 CVE-2019-11816
 	RESERVED
 CVE-2019-11814 (An issue was discovered in app/webroot/js/misp.js in MISP before 2.4.1 ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2019-11813 (An issue was discovered in app/View/Elements/Events/View/value_field.c ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2019-11812 (A persistent XSS issue was discovered in app/View/Helper/CommandHelper ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2019-11815 (An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the L ...)
 	- linux 4.19.37-1
 	NOTE: Fixed by: https://git.kernel.org/linus/cb66ddd156203daefb8d71158036b27b0e2caf63
@@ -400,9 +400,9 @@ CVE-2019-11675 (The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/g
 CVE-2019-11644
 	RESERVED
 CVE-2019-11643 (Persistent XSS has been found in the OneShield Policy (Dragon Core) fr ...)
-	TODO: check
+	NOT-FOR-US: OneShield Policy (Dragon Core) framework
 CVE-2019-11642 (A log poisoning vulnerability has been discovered in the OneShield Pol ...)
-	TODO: check
+	NOT-FOR-US: OneShield Policy (Dragon Core) framework
 CVE-2019-11641 (Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerpri ...)
 	NOT-FOR-US: Anomali Agave
 CVE-2019-11640 (An issue was discovered in GNU recutils 1.8. There is a heap-based buf ...)
@@ -738,13 +738,13 @@ CVE-2019-11512
 CVE-2019-11511 (Zoho ManageEngine ADSelfService Plus before build 5708 has XSS via the ...)
 	NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
 CVE-2019-11510 (In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before ...)
-	TODO: check
+	NOT-FOR-US: Pulse Secure Pulse Connect Secure
 CVE-2019-11509
 	RESERVED
 CVE-2019-11508 (In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before ...)
-	TODO: check
+	NOT-FOR-US: Pulse Secure Pulse Connect Secure
 CVE-2019-11507 (In Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9. ...)
-	TODO: check
+	NOT-FOR-US: Pulse Secure Pulse Connect Secure
 CVE-2019-11506 (In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, the ...)
 	- graphicsmagick 1.4~hg15968-1
 	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/57ac0ae85e2a
@@ -1022,7 +1022,7 @@ CVE-2019-11408
 CVE-2019-11407
 	RESERVED
 CVE-2019-11406 (Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, o ...)
-	TODO: check
+	NOT-FOR-US: Subrion CMS
 CVE-2019-11405 (OpenAPI Tools OpenAPI Generator before 4.0.0-20190419.052012-560 uses  ...)
 	NOT-FOR-US: OpenAPI Tools OpenAPI Generator
 CVE-2019-11404 (arrow-kt Arrow before 0.9.0 resolved Gradle build artifacts (for compi ...)
@@ -1038,7 +1038,7 @@ CVE-2019-11400
 CVE-2019-11399
 	RESERVED
 CVE-2019-11398 (Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 a ...)
-	TODO: check
+	NOT-FOR-US: UliCMS
 CVE-2019-11397
 	RESERVED
 CVE-2019-11396
@@ -5886,7 +5886,7 @@ CVE-2019-9700
 CVE-2019-9699
 	RESERVED
 CVE-2019-9698 (Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbit ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2019-9697
 	RESERVED
 CVE-2019-9696 (Symantec VIP Enterprise Gateway (all versions) may be susceptible to a ...)
@@ -9150,7 +9150,7 @@ CVE-2019-8389 (A file-read vulnerability was identified in the Wi-Fi transfer fe
 CVE-2019-8388
 	RESERVED
 CVE-2019-8387 (MASTER IPCAMERA01 3.3.4.2103 devices allow Remote Command Execution, r ...)
-	TODO: check
+	NOT-FOR-US: MASTER IPCAMERA01 devices
 CVE-2019-8386
 	RESERVED
 CVE-2019-8385
@@ -9445,7 +9445,7 @@ CVE-2019-8287
 CVE-2019-8286
 	RESERVED
 CVE-2019-8285 (Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-b ...)
-	TODO: check
+	NOT-FOR-US: Kaspersky Lab Antivirus Engine
 CVE-2019-8284
 	RESERVED
 CVE-2019-8283



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/03420796910066e46391561fd06f23ae929a395b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/03420796910066e46391561fd06f23ae929a395b
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190508/7bc76eeb/attachment.html>

More information about the debian-security-tracker-commits mailing list