[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Oct 29 21:31:39 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9fc64273 by Salvatore Bonaccorso at 2019-10-29T21:30:49Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17478,7 +17478,7 @@ CVE-2019-13068 (public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5
 CVE-2019-13067 (njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_d ...)
 	NOT-FOR-US: njs
 CVE-2019-13066 (Sahi Pro 8.0.0 has a script manager arena located at _s_/dyn/pro/DBRep ...)
-	TODO: check
+	NOT-FOR-US: Sahi Pro
 CVE-2019-13065
 	RESERVED
 CVE-2019-13064
@@ -26117,7 +26117,7 @@ CVE-2019-9928 (GStreamer before 1.16.0 has a heap-based buffer overflow in the R
 CVE-2019-9927 (Caret before 2019-02-22 allows Remote Code Execution. ...)
 	NOT-FOR-US: Caret editor
 CVE-2019-9926 (An issue was discovered in LabKey Server 19.1.0. It is possible to for ...)
-	TODO: check
+	NOT-FOR-US: LabKey Server
 CVE-2019-9925 (S-CMS PHP v1.0 has XSS in 4.edu.php via the S_id parameter. ...)
 	NOT-FOR-US: S-CMS PHP
 CVE-2019-9924 (rbash in Bash before 4.4-beta2 did not prevent the shell user from mod ...)
@@ -27499,9 +27499,9 @@ CVE-2019-9760 (FTPGetter Standard v.5.97.0.177 allows remote code execution when
 CVE-2019-9759 (An issue was discovered in TONGDA Office Anywhere 10.18.190121. There  ...)
 	NOT-FOR-US: TONGDA Office Anywhere
 CVE-2019-9758 (An issue was discovered in LabKey Server 19.1.0. The display name of a ...)
-	TODO: check
+	NOT-FOR-US: LabKey Server
 CVE-2019-9757 (An issue was discovered in LabKey Server 19.1.0. Sending an SVG contai ...)
-	TODO: check
+	NOT-FOR-US: LabKey Server
 CVE-2019-9756 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
 	[experimental] - gitlab 11.8.2-1
 	- gitlab 11.8.2-2 (bug #924447)
@@ -35104,27 +35104,27 @@ CVE-2019-6853
 CVE-2019-6852
 	RESERVED
 CVE-2019-6851 (A CWE-538: File and Directory Information Exposure vulnerability exist ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6850 (A CWE-200: Information Exposure vulnerability exists in Modicon M580,  ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6849 (A CWE-200: Information Exposure vulnerability exists in Modicon M580,  ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6848 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6847 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6846 (A CWE-319: Cleartext Transmission of Sensitive Information vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6845 (A CWE-319: Cleartext Transmission of Sensitive Information vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6844 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6843 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6842 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6841 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6840 (A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6 ...)
 	NOT-FOR-US: Schneider
 CVE-2019-6839 (An Improper Access Control: CWE-284 vulnerability exists in U.motion S ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9fc6427329b69d0bb9d73b52e78b7e802c35fcae

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9fc6427329b69d0bb9d73b52e78b7e802c35fcae
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191029/3f9130e8/attachment.html>

More information about the debian-security-tracker-commits mailing list