[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed May 15 08:43:44 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bbd22c66 by Moritz Muehlenhoff at 2019-05-15T07:42:31Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2362,7 +2362,7 @@ CVE-2019-1003050 (The f:validateButton form control for the Jenkins UI did not p
 CVE-2019-1003049 (Users who cached their CLI authentication before Jenkins was updated t ...)
 	NOT-FOR-US: Jenkins
 CVE-2019-11066 (openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted Open ...)
-	TODO: check
+	NOT-FOR-US: LightOpenID
 CVE-2019-11065 (Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download ...)
 	- gradle <unfixed> (bug #926923)
 	[buster] - gradle <no-dsa> (Minor issue)
@@ -10948,6 +10948,7 @@ CVE-2019-7838
 	RESERVED
 CVE-2019-7837
 	RESERVED
+	NOT-FOR-US: Adobe
 CVE-2019-7836
 	RESERVED
 CVE-2019-7835
@@ -29684,8 +29685,10 @@ CVE-2019-0982
 	RESERVED
 CVE-2019-0981
 	RESERVED
+	NOT-FOR-US: Microsoft .NET Core
 CVE-2019-0980
 	RESERVED
+	NOT-FOR-US: Microsoft .NET Core
 CVE-2019-0979
 	RESERVED
 CVE-2019-0978
@@ -30006,6 +30009,7 @@ CVE-2019-0821 (An information disclosure vulnerability exists in the way that th
 	NOT-FOR-US: Windows SMB Server
 CVE-2019-0820
 	RESERVED
+	NOT-FOR-US: Microsoft .NET Core
 CVE-2019-0819
 	RESERVED
 CVE-2019-0818
@@ -38796,6 +38800,7 @@ CVE-2018-16860 [Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum]
 	[stretch] - heimdal <no-dsa> (Minor issue)
 	- samba 2:4.9.5+dfsg-4
 	NOTE: https://www.samba.org/samba/security/CVE-2018-16860.html
+	NOTE: https://github.com/heimdal/heimdal/commit/c6257cc2c842c0faaeb4ef34e33890ee88c4cbba
 CVE-2018-16859 (Execution of Ansible playbooks on Windows platforms with PowerShell Sc ...)
 	- ansible <not-affected> (Only issue when executing Ansible playbooks on Windows platforms)
 CVE-2018-16858 (It was found that libreoffice before versions 6.0.7 and 6.1.3 was vuln ...)
@@ -144814,6 +144819,7 @@ CVE-2016-7044 (The unformat_24bit_color function in the format parsing code in I
 	NOTE: http://irssi.org/security/irssi_sa_2016.txt
 CVE-2016-7043
 	RESERVED
+	NOT-FOR-US: Kie server
 CVE-2016-7042 (The proc_keys_show function in security/keys/proc.c in the Linux kerne ...)
 	{DSA-3696-1 DLA-670-1}
 	- linux 4.7.8-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bbd22c665c9e25a1e19ffc46a5c30c9144fc5ea9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bbd22c665c9e25a1e19ffc46a5c30c9144fc5ea9
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190515/fd7b44fb/attachment.html>

More information about the debian-security-tracker-commits mailing list