[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Thu Sep 5 12:38:45 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
75637b56 by Moritz Muehlenhoff at 2019-09-05T11:38:32Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1075,11 +1075,11 @@ CVE-2019-15536 (The Acclaim block plugin before 2019-06-26 for Moodle allows SQL
 CVE-2019-15535 (Tasking Manager before 3.4.0 allows SQL Injection via custom SQL. ...)
 	NOT-FOR-US: Tasking Manager
 CVE-2019-15534 (Raml-Module-Builder 26.4.0 allows SQL Injection in PostgresClient.upda ...)
-	TODO: check
+	NOT-FOR-US: Raml-Module-Builder
 CVE-2019-15533 (XENFCoreSharp before 2019-07-16 allows SQL injection in web/verify.php ...)
-	TODO: check
+	NOT-FOR-US: XENFCoreSharp
 CVE-2019-15532 (CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBrut ...)
-	TODO: check
+	NOT-FOR-US: CyberChef
 CVE-2019-15531 (GNU Libextractor through 1.9 has a heap-based buffer over-read in the  ...)
 	{DLA-1904-1}
 	- libextractor 1:1.9-2 (bug #935553)
@@ -31071,25 +31071,25 @@ CVE-2019-5043
 CVE-2019-5042
 	RESERVED
 CVE-2019-5041 (An exploitable Stack Based Buffer Overflow vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Aspose
 CVE-2019-5040 (An exploitable information disclosure vulnerability exists in the Weav ...)
-	TODO: check
+	NOT-FOR-US: OpenWeave
 CVE-2019-5039 (An exploitable command execution vulnerability exists in the ASN1 cert ...)
-	TODO: check
+	NOT-FOR-US: OpenWeave
 CVE-2019-5038 (An exploitable command execution vulnerability exists in the print-tlv ...)
-	TODO: check
+	NOT-FOR-US: OpenWeave
 CVE-2019-5037 (An exploitable denial-of-service vulnerability exists in the Weave cer ...)
-	TODO: check
+	NOT-FOR-US: Nest
 CVE-2019-5036 (An exploitable denial-of-service vulnerability exists in the Weave err ...)
-	TODO: check
+	NOT-FOR-US: Nest
 CVE-2019-5035 (An exploitable information disclosure vulnerability exists in the Weav ...)
-	TODO: check
+	NOT-FOR-US: Nest
 CVE-2019-5034 (An exploitable information disclosure vulnerability exists in the Weav ...)
-	TODO: check
+	NOT-FOR-US: Nest
 CVE-2019-5033 (An exploitable out-of-bounds read vulnerability exists in the Number r ...)
-	TODO: check
+	NOT-FOR-US: Aspose
 CVE-2019-5032 (An exploitable out-of-bounds read vulnerability exists in the LabelSst ...)
-	TODO: check
+	NOT-FOR-US: Aspose
 CVE-2019-5031
 	RESERVED
 CVE-2019-5030
@@ -39448,41 +39448,41 @@ CVE-2019-2139
 CVE-2019-2138
 	RESERVED
 CVE-2019-2137 (In the endCall() function of TelecomManager.java, there is a possible  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2136 (In Status::readFromParcel of Status.cpp, there is a possible out of bo ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2135 (In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2134 (In phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp, there is a po ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2133 (In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2132 (It is possible to overlay the VPN dialog by a malicious application. T ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2131 (An application with overlay permission can display overlays on top of  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2130 (In CompilationJob::FinalizeJob of compiler.cc, there is a possible rem ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2129 (In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a p ...)
-	TODO: check
+	NOT-FOR-US: Android media framework
 CVE-2019-2128 (In ACELP_4t64_fx of c4t64fx.c, there is a possible out of bounds write ...)
-	TODO: check
+	NOT-FOR-US: Android media framework
 CVE-2019-2127 (In AudioInputDescriptor::setClientActive of AudioInputDescriptor.cpp,  ...)
-	TODO: check
+	NOT-FOR-US: Android media framework
 CVE-2019-2126 (In ParseContentEncodingEntry of mkvparser.cc, there is a possible doub ...)
-	TODO: check
+	NOT-FOR-US: Android media framework
 CVE-2019-2125 (In ChangeDefaultDialerDialog.java, there is a possible escalation of p ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2124
 	RESERVED
 CVE-2019-2123
 	RESERVED
 CVE-2019-2122 (In LockTaskController.lockKeyguardIfNeeded of the LockTaskController.j ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2121 (In ActivityManagerService.attachApplication of ActivityManagerService, ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2120 (In OatFileAssistant::GenerateOatFile of oat_file_assistant.cc, there i ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2119 (In multiple functions of key_store_service.cpp, there is a possible In ...)
 	NOT-FOR-US: Android
 CVE-2019-2118 (In various functions of Parcel.cpp, there are uninitialized or partial ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/75637b56abd2ec98a519ecb1ddc738c377c8243e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/75637b56abd2ec98a519ecb1ddc738c377c8243e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190905/1c529e73/attachment.html>

More information about the debian-security-tracker-commits mailing list