[Git][security-tracker-team/security-tracker][master] NFUs

Sun Oct 6 20:54:29 BST 2019


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e96c471d by Moritz Muehlenhoff at 2019-10-06T19:54:02Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,13 +11,13 @@ CVE-2019-17208
 CVE-2019-17207
 	RESERVED
 CVE-2019-17206 (Uncontrolled deserialization of a pickled object in models.py in Frost ...)
-	TODO: check
+	NOT-FOR-US: Frost Ming rediswrapper
 CVE-2019-17205 (TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the usern ...)
-	TODO: check
+	- teampass <itp> (bug #730180)
 CVE-2019-17204 (TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Ba ...)
-	TODO: check
+	- teampass <itp> (bug #730180)
 CVE-2019-17203 (TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a c ...)
-	TODO: check
+	- teampass <itp> (bug #730180)
 CVE-2019-17202
 	RESERVED
 CVE-2019-17201
@@ -41,9 +41,9 @@ CVE-2019-17194
 CVE-2019-17193
 	RESERVED
 CVE-2019-17192 (** DISPUTED ** The WebRTC component in the Signal Private Messenger ap ...)
-	TODO: check
+	NOT-FOR-US: Signal
 CVE-2019-17191 (The Signal Private Messenger application before 4.47.7 for Android all ...)
-	TODO: check
+	NOT-FOR-US: Signal
 CVE-2019-17190
 	RESERVED
 CVE-2019-17189
@@ -65,7 +65,7 @@ CVE-2019-17182
 CVE-2019-17181
 	RESERVED
 CVE-2019-17180 (Valve Steam Client before 2019-09-12 allows placing or appending parti ...)
-	TODO: check
+	NOT-FOR-US: Steam on Windows
 CVE-2019-17179 (XSS in library/custom_template/add_template.php in OpenEMR through 5.0 ...)
 	NOT-FOR-US: OpenEMR
 CVE-2019-17178 (HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-0 ...)
@@ -281,7 +281,7 @@ CVE-2019-17082
 CVE-2019-17081
 	RESERVED
 CVE-2019-17080 (mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code ex ...)
-	TODO: check
+	NOT-FOR-US: Linux Mint
 CVE-2019-17079
 	RESERVED
 CVE-2019-17078
@@ -357,7 +357,7 @@ CVE-2019-17052 (ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module
 CVE-2019-17051 (Evernote before 7.13 GA on macOS allows code execution because the com ...)
 	NOT-FOR-US: Evernote
 CVE-2019-17050 (An issue was discovered in the Voyager package through 1.2.7 for Larav ...)
-	TODO: check
+	NOT-FOR-US: Voyager
 CVE-2019-17049 (NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in t ...)
 	NOT-FOR-US: NETGEAR
 CVE-2019-17048
@@ -3646,7 +3646,7 @@ CVE-2019-15811 (In DomainMOD through 4.13, the parameter daterange in the file r
 CVE-2019-15810 (Insufficient sanitization during device search in Netdisco 2.042010 al ...)
 	NOT-FOR-US: Netdisco
 CVE-2019-15809 (Smart cards from the Athena SCS manufacturer, based on the Atmel Toolb ...)
-	TODO: check
+	NOT-FOR-US: Athena SCS
 CVE-2019-15808
 	RESERVED
 CVE-2019-15806 (CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301  ...)
@@ -28346,7 +28346,7 @@ CVE-2019-7620
 CVE-2019-7619
 	RESERVED
 CVE-2019-7618 (A local file disclosure flaw was found in Elastic Code versions 7.3.0, ...)
-	TODO: check
+	NOT-FOR-US: Elastic Code
 CVE-2019-7617 (When the Elastic APM agent for Python versions before 5.1.0 is run as  ...)
 	NOT-FOR-US: Elastic APM agent for Python
 CVE-2019-7616 (Kibana versions before 6.8.2 and 7.2.1 contain a server side request f ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e96c471db6fbd268b91c8d8c1c605b6f48c01798

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e96c471db6fbd268b91c8d8c1c605b6f48c01798
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191006/3298caa9/attachment.html>
