[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e56e69bc by Salvatore Bonaccorso at 2020-04-03T14:57:04+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25215,23 +25215,23 @@ CVE-2019-19099
 CVE-2019-19098
 	RESERVED
 CVE-2019-19097 (ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium streng ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19096 (The Redis data structure component used in ABB eSOMS versions 6.0 to 6 ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19095 (Lack of adequate input/output validation for ABB eSOMS versions 4.0 to ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19094 (Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0. ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19093 (eSOMS versions 4.0 to 6.0.3 do not enforce password complexity setting ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19092 (ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message  ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19091 (For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments  ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19090 (For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19089 (For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19088 (Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Tr ...)
 	- gitlab <not-affected> (Only affects Gitlab EE)
 	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
@@ -25551,13 +25551,13 @@ CVE-2019-19005
 CVE-2019-19004
 	RESERVED
 CVE-2019-19003 (For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. Thi ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19002 (For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP respons ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19001 (For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-19000 (For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s ...)
-	TODO: check
+	NOT-FOR-US: ABB eSOMS
 CVE-2019-18999
 	RESERVED
 CVE-2019-18998 (Insufficient access control in the web interface of ABB Asset Suite ve ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e56e69bc339dc30802cb6f7800986af895b011aa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e56e69bc339dc30802cb6f7800986af895b011aa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200403/166ccd28/attachment.html>