[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Nov 13 08:30:00 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1d9c0856 by Salvatore Bonaccorso at 2019-11-13T08:29:32Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7111,11 +7111,11 @@ CVE-2019-17334
 CVE-2019-17333
 	RESERVED
 CVE-2019-17332 (The Digital Asset Manager Web Interface component of TIBCO Software In ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2019-17331 (The Data Exchange Web Interface component of TIBCO Software Inc.'s TIB ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2019-17330 (The Web server component of TIBCO Software Inc.'s TIBCO EBX contains m ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2019-17329
 	RESERVED
 CVE-2019-17328
@@ -16149,9 +16149,9 @@ CVE-2019-14368 (Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafI
 CVE-2019-14367 (Slack-Chat through 1.5.5 leaks a Slack Access Token in source code. An ...)
 	TODO: check
 CVE-2019-14366 (WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access T ...)
-	TODO: check
+	NOT-FOR-US: WP SlackSync plugin for WordPress
 CVE-2019-14365 (The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access T ...)
-	TODO: check
+	NOT-FOR-US: Intercom plugin for WordPress
 CVE-2019-14364 (An XSS vulnerability in the "Email Subscribers & Newsletters" plug ...)
 	NOT-FOR-US: "Email Subscribers & Newsletters" plugin for WordPress
 CVE-2019-14363 (A stack-based buffer overflow in the upnpd binary running on NETGEAR W ...)
@@ -40096,7 +40096,7 @@ CVE-2019-6190
 CVE-2019-6189
 	RESERVED
 CVE-2019-6188 (The BIOS tamper detection mechanism was not triggered in Lenovo ThinkP ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2019-6187
 	RESERVED
 CVE-2019-6186
@@ -40128,11 +40128,11 @@ CVE-2019-6174
 CVE-2019-6173
 	RESERVED
 CVE-2019-6172 (A potential vulnerability in the SMI callback function in some Lenovo  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2019-6171 (A vulnerability was reported in various BIOS versions of older ThinkPa ...)
 	NOT-FOR-US: Lenovo
 CVE-2019-6170 (A potential vulnerability in some Lenovo ThinkPads may allow an attack ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2019-6169 (A vulnerability reported in Lenovo Service Bridge before version 4.1.0 ...)
 	NOT-FOR-US: Lenovo Service Bridge
 CVE-2019-6168 (A vulnerability reported in Lenovo Service Bridge before version 4.1.0 ...)
@@ -42546,7 +42546,7 @@ CVE-2019-5235
 CVE-2019-5234
 	RESERVED
 CVE-2019-5233 (Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(S ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2019-5232
 	RESERVED
 CVE-2019-5231 (P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E18 ...)
@@ -42554,7 +42554,7 @@ CVE-2019-5231 (P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C
 CVE-2019-5230 (P20 Pro, P20, Mate RS smartphones with versions earlier than Charlotte ...)
 	TODO: check
 CVE-2019-5229 (P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E19 ...)
-	TODO: check
+	NOT-FOR-US: P30 smartphones
 CVE-2019-5228 (Certain detection module of P30, P30 Pro, Honor V20 smartphone whith V ...)
 	TODO: check
 CVE-2019-5227
@@ -42586,7 +42586,7 @@ CVE-2019-5215 (There is a man-in-the-middle (MITM) vulnerability on Huawei P30 s
 CVE-2019-5214 (There is a use after free vulnerability on certain driver component in ...)
 	NOT-FOR-US: Huawei
 CVE-2019-5213 (Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0. ...)
-	TODO: check
+	NOT-FOR-US: Honor play smartphones
 CVE-2019-5212
 	RESERVED
 CVE-2019-5211
@@ -109147,7 +109147,7 @@ CVE-2017-17226 (The TripAdvisor app with the versions before TAMobileApp-24.6.4
 CVE-2017-17225 (The Near Field Communication (NFC) module in Huawei Mate 9 Pro mobile  ...)
 	NOT-FOR-US: Huawei
 CVE-2017-17224 (Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0. ...)
-	TODO: check
+	NOT-FOR-US: Huawei smart phones
 CVE-2017-17223 (Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V ...)
 	NOT-FOR-US: Huawei
 CVE-2017-17222 (Import Language Package function in Huawei eSpace 7950 V200R003C30; eS ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d9c0856663d708136ecd6ca530afaabb0877a14

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d9c0856663d708136ecd6ca530afaabb0877a14
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191113/15f06a70/attachment.html>

More information about the debian-security-tracker-commits mailing list