[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Sep 12 22:15:49 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cfd82528 by Salvatore Bonaccorso at 2019-09-12T21:15:20Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6390,9 +6390,9 @@ CVE-2019-14239
 CVE-2019-14238
 	RESERVED
 CVE-2019-14237 (On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Acce ...)
-	TODO: check
+	NOT-FOR-US: NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices
 CVE-2019-14236 (On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and ...)
-	TODO: check
+	NOT-FOR-US: STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices
 CVE-2019-14235 (An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before  ...)
 	{DSA-4498-1}
 	- python-django 2:2.2.4-1 (bug #934026)
@@ -8969,7 +8969,7 @@ CVE-2019-13546
 CVE-2019-13545
 	RESERVED
 CVE-2019-13544 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple out-of-b ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics TPEditor
 CVE-2019-13543
 	RESERVED
 CVE-2019-13542
@@ -8977,7 +8977,7 @@ CVE-2019-13542
 CVE-2019-13541
 	RESERVED
 CVE-2019-13540 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-ba ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics TPEditor
 CVE-2019-13539
 	RESERVED
 CVE-2019-13538
@@ -8985,11 +8985,11 @@ CVE-2019-13538
 CVE-2019-13537
 	RESERVED
 CVE-2019-13536 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-bas ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics TPEditor
 CVE-2019-13535
 	RESERVED
 CVE-2019-13534 (Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Fi ...)
-	TODO: check
+	NOT-FOR-US: Philips
 CVE-2019-13533
 	RESERVED
 CVE-2019-13532
@@ -8997,7 +8997,7 @@ CVE-2019-13532
 CVE-2019-13531
 	RESERVED
 CVE-2019-13530 (Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Fi ...)
-	TODO: check
+	NOT-FOR-US: Philips
 CVE-2019-13529
 	RESERVED
 CVE-2019-13528
@@ -9132,7 +9132,7 @@ CVE-2019-13475 (In MobaXterm 11.1, the mobaxterm: URI handler has an argument in
 CVE-2019-13474
 	RESERVED
 CVE-2019-13473 (TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110 ...)
-	TODO: check
+	NOT-FOR-US: TELESTAR
 CVE-2019-13472 (PHPWind 9.1.0 has XSS vulnerabilities in the c and m parameters of the ...)
 	NOT-FOR-US: PHPWind
 CVE-2019-13471
@@ -9409,7 +9409,7 @@ CVE-2019-13363
 CVE-2019-13362 (Codedoc v3.2 has a stack-based buffer overflow in add_variable in code ...)
 	NOT-FOR-US: Codedoc
 CVE-2019-13361 (Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an ...)
-	TODO: check
+	NOT-FOR-US: Smanos W100 1.0.0 devices
 CVE-2019-13360 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote at ...)
 	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2019-13359 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv- ...)
@@ -9438,9 +9438,9 @@ CVE-2019-13351 (posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 (a
 CVE-2019-13350
 	RESERVED
 CVE-2019-13349 (In Knowage through 6.1.1, an authenticated user that accesses the user ...)
-	TODO: check
+	NOT-FOR-US: Knowage
 CVE-2019-13348 (In Knowage through 6.1.1, an authenticated user who accesses the datas ...)
-	TODO: check
+	NOT-FOR-US: Knowage
 CVE-2019-13347
 	RESERVED
 CVE-2019-13346 (In MyT 1.5.1, the User[username] parameter has XSS. ...)
@@ -9889,11 +9889,11 @@ CVE-2019-13192
 CVE-2019-13191 (A SQL injection vulnerability in IntraMaps MapControl 8 allows attacke ...)
 	TODO: check
 CVE-2019-13190 (In Knowage through 6.1.1, the sign up page does not invalidate a valid ...)
-	TODO: check
+	NOT-FOR-US: Knowage
 CVE-2019-13189 (In Knowage through 6.1.1, there is XSS via the start_url or user_id fi ...)
-	TODO: check
+	NOT-FOR-US: Knowage
 CVE-2019-13188 (In Knowage through 6.1.1, an unauthenticated user can bypass access co ...)
-	TODO: check
+	NOT-FOR-US: Knowage
 CVE-2019-13187 (The Rich Text Formatter (Redactor) extension through v1.1.1 for Sympho ...)
 	TODO: check
 CVE-2019-13186 (In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via t ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cfd8252801c884a90b0131aa2eb631e20bd07620

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cfd8252801c884a90b0131aa2eb631e20bd07620
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190912/3b5feb28/attachment.html>


More information about the debian-security-tracker-commits mailing list