[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Tue Jan 7 22:46:28 GMT 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c7bb334d by Moritz Muehlenhoff at 2020-01-07T23:46:11+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -44754,21 +44754,21 @@ CVE-2019-9474
 CVE-2019-9473
 	RESERVED
 CVE-2019-9472 (In DCRYPTO_equals of compare.c, there is a possible timing attack due  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-9471 (In set_outbound_iatu of abc-pcie.c, there is a possible out of bounds  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-9470 (In dma_sblk_start of abc-pcie.c, there is a possible out of bounds wri ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-9469 (In km_compute_shared_hmac of km4.c, there is a possible out of bounds  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-9468 (In export_key_der of export_key.cpp, there is possible memory corrupti ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-9467 (In the Bootloader, there is a possible kernel command injection due to ...)
 	NOT-FOR-US: LG components for Android
 CVE-2019-9466
 	REJECTED
 CVE-2019-9465 (In the Titan M handling of cryptographic operations, there is a possib ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-9464 (In various functions of RecentLocationApps.java, DevicePolicyManagerSe ...)
 	NOT-FOR-US: Android
 CVE-2019-9463 (In Platform, there is a possible bypass of user interaction requiremen ...)
@@ -263760,7 +263760,7 @@ CVE-2013-4745 (SQL injection vulnerability in the My quiz and poll (myquizpoll)
 CVE-2013-4744 (Cross-site scripting (XSS) vulnerability in the PHPUnit extension befo ...)
 	NOT-FOR-US: PHPUnit TYPO3 extension
 CVE-2013-4743 (Static HTTP Server 1.0 has a Local Overflow ...)
-	TODO: check
+	NOT-FOR-US: Static HTTP Server
 CVE-2013-4742 (Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers ...)
 	NOT-FOR-US: SurgeFTP
 CVE-2013-4741
@@ -267074,9 +267074,9 @@ CVE-2013-3622 (Buffer overflow in logout.cgi in the Intelligent Platform Managem
 CVE-2013-3621
 	REJECTED
 CVE-2013-3620 (Hardcoded WSMan credentials in Intelligent Platform Management Interfa ...)
-	TODO: check
+	NOT-FOR-US: Supermicro
 CVE-2013-3619 (Intelligent Platform Management Interface (IPMI) with firmware for Sup ...)
-	TODO: check
+	NOT-FOR-US: Supermicro
 CVE-2013-3618
 	RESERVED
 CVE-2013-3617 (The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authe ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c7bb334d7107a7c4c19ba294efda6cb40daa14a2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c7bb334d7107a7c4c19ba294efda6cb40daa14a2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200107/be789e8e/attachment.html>

More information about the debian-security-tracker-commits mailing list