[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Jan 7 18:14:22 GMT 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a21db497 by Salvatore Bonaccorso at 2020-01-07T19:13:47+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12397,7 +12397,7 @@ CVE-2019-18844 (The Device Model in ACRN before 2019w25.5-140000p relies on asse
 CVE-2019-18843
 	RESERVED
 CVE-2019-18842 (A cross-site scripting (XSS) vulnerability in the configuration web in ...)
-	TODO: check
+	NOT-FOR-US: Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module
 CVE-2019-18841 (Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before  ...)
 	- chartkick.js <not-affected> (Vulnerability introduced with 3.1.0)
 	NOTE: https://github.com/ankane/chartkick/commit/b810936bbf687bc74c5b6dba72d2397a399885fa
@@ -24241,9 +24241,9 @@ CVE-2019-15605
 CVE-2019-15604
 	RESERVED
 CVE-2019-15603 (The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scriptin ...)
-	TODO: check
+	NOT-FOR-US: seefl
 CVE-2019-15602 (The fileview package v0.1.6 has inadequate output encoding and escapin ...)
-	TODO: check
+	NOT-FOR-US: fileview
 CVE-2019-15601 (CURL before 7.68.0 lacks proper input validation, which allows users t ...)
 	- curl <not-affected> (Windows only)
 CVE-2019-15600 (A Path traversal exists in http_server which allows an attacker to rea ...)
@@ -51059,13 +51059,13 @@ CVE-2019-6859
 CVE-2019-6858
 	RESERVED
 CVE-2019-6857 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6856 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2019-6855 (An Improper Authorization - CWE-285 vulnerability exists in EcoStruxur ...)
-	TODO: check
+	NOT-FOR-US: EcoStruxure Control Expert
 CVE-2019-6854 (A CWE-264 Permissions, Privileges, and Access Controls vulnerability e ...)
-	TODO: check
+	NOT-FOR-US: EcoStruxure Geo SCADA Expert
 CVE-2019-6853 (A CWE-79: Failure to Preserve Web Page Structure vulnerability exists  ...)
 	NOT-FOR-US: Andover Continuum
 CVE-2019-6852 (A CWE-200: Information Exposure vulnerability exists in Modicon Contro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a21db4971347d60a6538061b02e639e60b375b09

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a21db4971347d60a6538061b02e639e60b375b09
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200107/a6a61ff7/attachment.html>


More information about the debian-security-tracker-commits mailing list