[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Mon May 20 21:34:52 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
132a1a68 by Salvatore Bonaccorso at 2019-05-20T20:34:10Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -903,7 +903,7 @@ CVE-2019-11810 (An issue was discovered in the Linux kernel before 5.0.7. A NULL
 	[stretch] - linux 4.9.168-1
 	NOTE: Fixed by: https://git.kernel.org/linus/bcf3b67d16a4c8ffae0aa79de5853435e683945c
 CVE-2019-11809 (An issue was discovered in Joomla! before 3.9.6. The debug views of co ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2018-20836 (An issue was discovered in the Linux kernel before 4.20. There is a ra ...)
 	- linux <unfixed>
 	NOTE: Fixed by: https://git.kernel.org/linus/b90cd6f2b905905fb42671009dc0e27c310a16ae
@@ -10193,7 +10193,7 @@ CVE-2019-8354 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_d
 CVE-2019-8353
 	RESERVED
 CVE-2019-8352 (By default, BMC PATROL Agent through 11.3.01 uses a static encryption  ...)
-	TODO: check
+	NOT-FOR-US: BMC PATROL Agent
 CVE-2019-8351 (Heimdal Thor Agent 2.5.17x before 2.5.173 does not verify X.509 certif ...)
 	NOT-FOR-US: Heimdal Thor Agent
 CVE-2019-8350 (The Simple - Better Banking application 2.45.0 through 2.45.3 (fixed i ...)
@@ -19756,7 +19756,7 @@ CVE-2019-4295
 CVE-2019-4294
 	RESERVED
 CVE-2019-4293 (IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attac ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4292
 	RESERVED
 CVE-2019-4291
@@ -20226,7 +20226,7 @@ CVE-2019-4060
 CVE-2019-4059 (IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently pro ...)
 	NOT-FOR-US: IBM
 CVE-2019-4058 (IBM BigFix Platform 9.2 and 9.5 could allow a low-privilege user to ma ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4057
 	RESERVED
 CVE-2019-4056
@@ -20320,7 +20320,7 @@ CVE-2019-4013 (IBM BigFix Platform 9.5 could allow any authenticated user to upl
 CVE-2019-4012 (IBM BigFix WebUI Profile Management 6 and Software Distribution 23 is  ...)
 	NOT-FOR-US: IBM
 CVE-2019-4011 (IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4010
 	RESERVED
 CVE-2019-4009
@@ -29980,7 +29980,7 @@ CVE-2019-1010
 CVE-2019-1009
 	RESERVED
 CVE-2019-1008 (A security feature bypass vulnerability exists in Dynamics On Premise, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Dynamics On-Premise
 CVE-2019-1007
 	RESERVED
 CVE-2019-1006
@@ -51204,7 +51204,7 @@ CVE-2018-12272 (xowl/request.php in Ximdex 4.0 has XSS via the content parameter
 CVE-2018-12271 (** DISPUTED ** An issue was discovered in the com.getdropbox.Dropbox a ...)
 	NOT-FOR-US: com.getdropbox.Dropbox app for IOS
 CVE-2018-12270 (In Valve Steam 1528829181 BETA, it is possible to perform a homograph  ...)
-	TODO: check
+	NOT-FOR-US: Valve Steam
 CVE-2018-12269
 	RESERVED
 CVE-2018-12268 (acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metac ...)
@@ -80351,7 +80351,7 @@ CVE-2018-2007 (IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected c
 CVE-2018-2006 (IBM Robotic Process Automation with Automation Anywhere 11 could allow ...)
 	NOT-FOR-US: IBM
 CVE-2018-2005 (IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive informati ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-2004 (IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cr ...)
 	NOT-FOR-US: IBM
 CVE-2018-2003



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/132a1a688deaaa55a74479f0e77f772fe4d79ea8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/132a1a688deaaa55a74479f0e77f772fe4d79ea8
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190520/979a6e78/attachment.html>

More information about the debian-security-tracker-commits mailing list