[Git][security-tracker-team/security-tracker][master] Process some NMUs

Thu May 9 18:54:34 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
40b7e0d7 by Salvatore Bonaccorso at 2019-05-09T17:54:02Z
Process some NMUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30,7 +30,7 @@ CVE-2019-11822
 CVE-2019-11821
 	RESERVED
 CVE-2019-11820 (Information exposure through process environment vulnerability in Syno ...)
-	TODO: check
+	NOT-FOR-US: Synology Calendar
 CVE-2019-11819 (Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro ...)
 	NOT-FOR-US: Alkacon OpenCMS
 CVE-2019-11818 (Alkacon OpenCMS v10.5.4 and before is affected by stored cross site sc ...)
@@ -11425,7 +11425,7 @@ CVE-2019-7443 (KDE KAuth before 5.55 allows the passing of parameters with arbit
 	NOTE: https://mail.kde.org/pipermail/kde-announce/2019-February/000011.html
 	NOTE: https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a
 CVE-2019-7442 (An XML external entity (XXE) vulnerability in the Password Vault Web A ...)
-	TODO: check
+	NOT-FOR-US: CyberArk Enterprise Password Vault
 CVE-2019-7441 (cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Ga ...)
 	NOT-FOR-US: WooCommerce
 CVE-2019-7440 (JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Ke ...)
@@ -17325,7 +17325,7 @@ CVE-2019-5023
 CVE-2019-5022
 	REJECTED
 CVE-2019-5021 (Versions of the Official Alpine Linux Docker images (since v3.3) conta ...)
-	TODO: check
+	NOT-FOR-US: Official Alpine Linux Docker images
 CVE-2019-5020
 	RESERVED
 CVE-2019-5019 (A heap-based overflow vulnerability exists in the PowerPoint document  ...)
@@ -17339,7 +17339,7 @@ CVE-2019-5016
 CVE-2019-5015 (A local privilege escalation vulnerability exists in the Mac OS X vers ...)
 	NOT-FOR-US: Apple
 CVE-2019-5014 (An exploitable improper access control vulnerability exists in the blu ...)
-	TODO: check
+	NOT-FOR-US: Winco Fireworks FireFly FW-1007
 CVE-2019-5013
 	RESERVED
 CVE-2019-5012
@@ -69768,9 +69768,9 @@ CVE-2018-5411 (Pixar's Tractor software, versions 2.2 and earlier, contain a sto
 CVE-2018-5410 (Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a ...)
 	NOT-FOR-US: Dokan
 CVE-2018-5409 (The PrinterLogic Print Management software, versions up to and includi ...)
-	TODO: check
+	NOT-FOR-US: PrinterLogic Print Management software
 CVE-2018-5408 (The PrinterLogic Print Management software, versions up to and includi ...)
-	TODO: check
+	NOT-FOR-US: PrinterLogic Print Management software
 CVE-2018-5407 (Simultaneous Multi-threading (SMT) in processors can enable local user ...)
 	{DSA-4355-1 DSA-4348-1 DLA-1586-1}
 	- openssl 1.1.1~~pre9-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/40b7e0d7b64e4dc4da1ea4cde602f8d21f636b65

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/40b7e0d7b64e4dc4da1ea4cde602f8d21f636b65
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190509/d4fc410e/attachment.html>
