[Git][security-tracker-team/security-tracker][master] Process some NMUs
Salvatore Bonaccorso
carnil at debian.org
Thu May 9 18:54:34 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
40b7e0d7 by Salvatore Bonaccorso at 2019-05-09T17:54:02Z
Process some NMUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30,7 +30,7 @@ CVE-2019-11822
CVE-2019-11821
RESERVED
CVE-2019-11820 (Information exposure through process environment vulnerability in Syno ...)
- TODO: check
+ NOT-FOR-US: Synology Calendar
CVE-2019-11819 (Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro ...)
NOT-FOR-US: Alkacon OpenCMS
CVE-2019-11818 (Alkacon OpenCMS v10.5.4 and before is affected by stored cross site sc ...)
@@ -11425,7 +11425,7 @@ CVE-2019-7443 (KDE KAuth before 5.55 allows the passing of parameters with arbit
NOTE: https://mail.kde.org/pipermail/kde-announce/2019-February/000011.html
NOTE: https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a
CVE-2019-7442 (An XML external entity (XXE) vulnerability in the Password Vault Web A ...)
- TODO: check
+ NOT-FOR-US: CyberArk Enterprise Password Vault
CVE-2019-7441 (cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Ga ...)
NOT-FOR-US: WooCommerce
CVE-2019-7440 (JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Ke ...)
@@ -17325,7 +17325,7 @@ CVE-2019-5023
CVE-2019-5022
REJECTED
CVE-2019-5021 (Versions of the Official Alpine Linux Docker images (since v3.3) conta ...)
- TODO: check
+ NOT-FOR-US: Official Alpine Linux Docker images
CVE-2019-5020
RESERVED
CVE-2019-5019 (A heap-based overflow vulnerability exists in the PowerPoint document ...)
@@ -17339,7 +17339,7 @@ CVE-2019-5016
CVE-2019-5015 (A local privilege escalation vulnerability exists in the Mac OS X vers ...)
NOT-FOR-US: Apple
CVE-2019-5014 (An exploitable improper access control vulnerability exists in the blu ...)
- TODO: check
+ NOT-FOR-US: Winco Fireworks FireFly FW-1007
CVE-2019-5013
RESERVED
CVE-2019-5012
@@ -69768,9 +69768,9 @@ CVE-2018-5411 (Pixar's Tractor software, versions 2.2 and earlier, contain a sto
CVE-2018-5410 (Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a ...)
NOT-FOR-US: Dokan
CVE-2018-5409 (The PrinterLogic Print Management software, versions up to and includi ...)
- TODO: check
+ NOT-FOR-US: PrinterLogic Print Management software
CVE-2018-5408 (The PrinterLogic Print Management software, versions up to and includi ...)
- TODO: check
+ NOT-FOR-US: PrinterLogic Print Management software
CVE-2018-5407 (Simultaneous Multi-threading (SMT) in processors can enable local user ...)
{DSA-4355-1 DSA-4348-1 DLA-1586-1}
- openssl 1.1.1~~pre9-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/40b7e0d7b64e4dc4da1ea4cde602f8d21f636b65
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/40b7e0d7b64e4dc4da1ea4cde602f8d21f636b65
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190509/d4fc410e/attachment.html>
More information about the debian-security-tracker-commits
mailing list