[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Sep 27 21:20:34 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6e1d39b3 by Salvatore Bonaccorso at 2019-09-27T20:19:56Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,14 +5,14 @@ CVE-2019-16925
 CVE-2019-16924 (The Nulock application 1.5.0 for mobile devices sends a cleartext pass ...)
 	TODO: check
 CVE-2019-16923 (kkcms 1.3 has jx.php?url= XSS. ...)
-	TODO: check
+	NOT-FOR-US: kkcms
 CVE-2019-16922 (SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows uninten ...)
-	TODO: check
+	NOT-FOR-US: SuiteCRM
 CVE-2019-16921 (In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/in ...)
 	- linux <undetermined>
 	TODO: check, see kernel-sec
 CVE-2019-16920 (Unauthenticated remote code execution occurs in D-Link products such a ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2019-16928 [heap overflow in string_vformat()]
 	- exim4 <unfixed>
 	[stretch] - exim4 <not-affected> (Vulnerable code introduced later)
@@ -35953,7 +35953,7 @@ CVE-2019-4143 (The IBM Cloud Private Key Management Service (IBM Cloud Private 3
 CVE-2019-4142 (IBM Cloud Private 2.1.0, 3.1.0, 3.1.1, and 3.1.2 is vulnerable to cros ...)
 	NOT-FOR-US: IBM
 CVE-2019-4141 (IBM MQ 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.9, 8.0.0.0 - 8.0.0.11, 9.0.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4140 (IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) c ...)
 	NOT-FOR-US: IBM
 CVE-2019-4139 (IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1 is vulnerable to cross-s ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6e1d39b34ed65753cc1d76a6edbb84043608f71d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6e1d39b34ed65753cc1d76a6edbb84043608f71d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190927/647adb36/attachment.html>

More information about the debian-security-tracker-commits mailing list