[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Jan 25 08:10:23 GMT 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
81530729 by security tracker role at 2020-01-25T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2020-7979
+	RESERVED
+CVE-2020-7978
+	RESERVED
+CVE-2020-7977
+	RESERVED
+CVE-2020-7976
+	RESERVED
+CVE-2020-7975
+	RESERVED
+CVE-2020-7974
+	RESERVED
+CVE-2020-7973
+	RESERVED
+CVE-2020-7972
+	RESERVED
+CVE-2020-7971
+	RESERVED
+CVE-2020-7970
+	RESERVED
+CVE-2020-7969
+	RESERVED
+CVE-2020-7968
+	RESERVED
+CVE-2020-7967
+	RESERVED
+CVE-2020-7966
+	RESERVED
+CVE-2020-7965
+	RESERVED
+CVE-2020-7964 (An issue was discovered in Mirumee Saleor 2.x before 2.9.1. Incorrect  ...)
+	TODO: check
+CVE-2020-7963
+	RESERVED
+CVE-2019-20420
+	RESERVED
+CVE-2015-9541 (Qt through 5.14 allows an exponential XML entity expansion attack via  ...)
+	TODO: check
 CVE-2020-7962
 	RESERVED
 CVE-2020-7961
@@ -1947,8 +1985,8 @@ CVE-2020-7053 (In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longt
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks@canonical.com/
-CVE-2020-7052
-	RESERVED
+CVE-2020-7052 (CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow unco ...)
+	TODO: check
 CVE-2020-7051
 	RESERVED
 CVE-2020-7050
@@ -2396,7 +2434,7 @@ CVE-2020-6845
 	RESERVED
 CVE-2020-6844
 	RESERVED
-CVE-2020-6843 (Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. ...)
+CVE-2020-6843 (Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. This i ...)
 	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
 CVE-2020-6842
 	RESERVED
@@ -5830,12 +5868,12 @@ CVE-2020-5228
 	RESERVED
 CVE-2020-5227
 	RESERVED
-CVE-2020-5226
-	RESERVED
-CVE-2020-5225
-	RESERVED
-CVE-2020-5224
-	RESERVED
+CVE-2020-5226 (Cross-site scripting in SimpleSAMLphp before version 1.18.4. The www/e ...)
+	TODO: check
+CVE-2020-5225 (Log injection in SimpleSAMLphp before version 1.18.4. The www/errorepo ...)
+	TODO: check
+CVE-2020-5224 (In Django User Sessions (django-user-sessions) before 1.7.1, the views ...)
+	TODO: check
 CVE-2020-5223 (In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2, a p ...)
 	TODO: check
 CVE-2020-5222
@@ -71425,91 +71463,91 @@ CVE-2018-19608 (Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allo
 	NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
 	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
 CVE-2019-1534
-	RESERVED
+	REJECTED
 CVE-2019-1533
-	RESERVED
+	REJECTED
 CVE-2019-1532
-	RESERVED
+	REJECTED
 CVE-2019-1531
-	RESERVED
+	REJECTED
 CVE-2019-1530
-	RESERVED
+	REJECTED
 CVE-2019-1529
-	RESERVED
+	REJECTED
 CVE-2019-1528
-	RESERVED
+	REJECTED
 CVE-2019-1527
-	RESERVED
+	REJECTED
 CVE-2019-1526
-	RESERVED
+	REJECTED
 CVE-2019-1525
-	RESERVED
+	REJECTED
 CVE-2019-1524
-	RESERVED
+	REJECTED
 CVE-2019-1523
-	RESERVED
+	REJECTED
 CVE-2019-1522
-	RESERVED
+	REJECTED
 CVE-2019-1521
-	RESERVED
+	REJECTED
 CVE-2019-1520
-	RESERVED
+	REJECTED
 CVE-2019-1519
-	RESERVED
+	REJECTED
 CVE-2019-1518
-	RESERVED
+	REJECTED
 CVE-2019-1517
-	RESERVED
+	REJECTED
 CVE-2019-1516
-	RESERVED
+	REJECTED
 CVE-2019-1515
-	RESERVED
+	REJECTED
 CVE-2019-1514
-	RESERVED
+	REJECTED
 CVE-2019-1513
-	RESERVED
+	REJECTED
 CVE-2019-1512
-	RESERVED
+	REJECTED
 CVE-2019-1511
-	RESERVED
+	REJECTED
 CVE-2019-1510
-	RESERVED
+	REJECTED
 CVE-2019-1509
-	RESERVED
+	REJECTED
 CVE-2019-1508
-	RESERVED
+	REJECTED
 CVE-2019-1507
-	RESERVED
+	REJECTED
 CVE-2019-1506
-	RESERVED
+	REJECTED
 CVE-2019-1505
-	RESERVED
+	REJECTED
 CVE-2019-1504
-	RESERVED
+	REJECTED
 CVE-2019-1503
-	RESERVED
+	REJECTED
 CVE-2019-1502
-	RESERVED
+	REJECTED
 CVE-2019-1501
-	RESERVED
+	REJECTED
 CVE-2019-1500
-	RESERVED
+	REJECTED
 CVE-2019-1499
-	RESERVED
+	REJECTED
 CVE-2019-1498
-	RESERVED
+	REJECTED
 CVE-2019-1497
-	RESERVED
+	REJECTED
 CVE-2019-1496
-	RESERVED
+	REJECTED
 CVE-2019-1495
-	RESERVED
+	REJECTED
 CVE-2019-1494
-	RESERVED
+	REJECTED
 CVE-2019-1493
-	RESERVED
+	REJECTED
 CVE-2019-1492
-	RESERVED
+	REJECTED
 CVE-2019-1491
 	RESERVED
 CVE-2019-1490 (A spoofing vulnerability exists when a Skype for Business Server does  ...)
@@ -71529,13 +71567,13 @@ CVE-2019-1484 (A remote code execution vulnerability exists when Microsoft Windo
 CVE-2019-1483 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1482
-	RESERVED
+	REJECTED
 CVE-2019-1481 (An information disclosure vulnerability exists in Windows Media Player ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1480 (An information disclosure vulnerability exists in Windows Media Player ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1479
-	RESERVED
+	REJECTED
 CVE-2019-1478 (An elevation of privilege vulnerability exists when Windows improperly ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1477 (An elevation of privilege vulnerability exists when the Windows Printe ...)
@@ -71543,11 +71581,11 @@ CVE-2019-1477 (An elevation of privilege vulnerability exists when the Windows P
 CVE-2019-1476 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1475
-	RESERVED
+	REJECTED
 CVE-2019-1474 (An information disclosure vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1473
-	RESERVED
+	REJECTED
 CVE-2019-1472 (An information disclosure vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1471 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
@@ -71572,10 +71610,10 @@ CVE-2019-1462 (A remote code execution vulnerability exists in Microsoft PowerPo
 	NOT-FOR-US: Microsoft
 CVE-2019-1461 (A denial of service vulnerability exists in Microsoft Word software wh ...)
 	NOT-FOR-US: Microsoft
-CVE-2019-1460
-	RESERVED
+CVE-2019-1460 (A spoofing vulnerability exists in the way Microsoft Outlook for Andro ...)
+	TODO: check
 CVE-2019-1459
-	RESERVED
+	REJECTED
 CVE-2019-1458 (An elevation of privilege vulnerability exists in Windows when the Win ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1457 (A security feature bypass vulnerability exists in Microsoft Office sof ...)
@@ -71583,17 +71621,17 @@ CVE-2019-1457 (A security feature bypass vulnerability exists in Microsoft Offic
 CVE-2019-1456 (A remote code execution vulnerability exists in Microsoft Windows when ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1455
-	RESERVED
-CVE-2019-1454
-	RESERVED
+	REJECTED
+CVE-2019-1454 (An elevation of privilege vulnerability exists when the Windows User P ...)
+	TODO: check
 CVE-2019-1453 (A denial of service vulnerability exists in Remote Desktop Protocol (R ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1452
-	RESERVED
+	REJECTED
 CVE-2019-1451
-	RESERVED
+	REJECTED
 CVE-2019-1450
-	RESERVED
+	REJECTED
 CVE-2019-1449 (A security feature bypass vulnerability exists in the way that Office  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1448 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
@@ -71605,7 +71643,7 @@ CVE-2019-1446 (An information disclosure vulnerability exists when Microsoft Exc
 CVE-2019-1445 (A spoofing vulnerability exists when Office Online does not validate o ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1444
-	RESERVED
+	REJECTED
 CVE-2019-1443 (An information disclosure vulnerability exists in Microsoft SharePoint ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1442 (A security feature bypass vulnerability exists when Microsoft Office d ...)
@@ -71631,7 +71669,7 @@ CVE-2019-1433 (An elevation of privilege vulnerability exists when the Windows G
 CVE-2019-1432 (An information disclosure vulnerability exists when DirectWrite improp ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1431
-	RESERVED
+	REJECTED
 CVE-2019-1430 (A remote code execution vulnerability exists when Windows Media Founda ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1429 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -71651,7 +71689,7 @@ CVE-2019-1423 (An elevation of privilege vulnerability exists in the way that th
 CVE-2019-1422 (An elevation of privilege vulnerability exists in the way that the iph ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1421
-	RESERVED
+	REJECTED
 CVE-2019-1420 (An elevation of privilege vulnerability exists in the way that the dss ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1419 (A remote code execution vulnerability exists in Microsoft Windows when ...)
@@ -71664,8 +71702,8 @@ CVE-2019-1416 (An elevation of privilege vulnerability exists due to a race cond
 	NOT-FOR-US: Microsoft
 CVE-2019-1415 (An elevation of privilege vulnerability exists in Windows Installer be ...)
 	NOT-FOR-US: Microsoft
-CVE-2019-1414
-	RESERVED
+CVE-2019-1414 (An elevation of privilege vulnerability exists in Visual Studio Code w ...)
+	TODO: check
 CVE-2019-1413 (A security feature bypass vulnerability exists when Microsoft Edge imp ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1412 (An information disclosure vulnerability exists in Windows Adobe Type M ...)
@@ -71673,7 +71711,7 @@ CVE-2019-1412 (An information disclosure vulnerability exists in Windows Adobe T
 CVE-2019-1411 (An information disclosure vulnerability exists when DirectWrite improp ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1410
-	RESERVED
+	REJECTED
 CVE-2019-1409 (An information disclosure vulnerability exists when the Windows Remote ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1408 (An elevation of privilege vulnerability exists in Windows when the Win ...)
@@ -71685,13 +71723,13 @@ CVE-2019-1406 (A remote code execution vulnerability exists when the Windows Jet
 CVE-2019-1405 (An elevation of privilege vulnerability exists when the Windows Univer ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1404
-	RESERVED
+	REJECTED
 CVE-2019-1403
-	RESERVED
+	REJECTED
 CVE-2019-1402 (An information disclosure vulnerability exists in Microsoft Office sof ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1401
-	RESERVED
+	REJECTED
 CVE-2019-1400 (An information disclosure vulnerability exists in Microsoft Access sof ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1399 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
@@ -71724,7 +71762,7 @@ CVE-2019-1387 (An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=a8dee3ca610f5a1d403634492136c887f83b59d2
 	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1386
-	RESERVED
+	REJECTED
 CVE-2019-1385 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1384 (A security feature bypass vulnerability exists where a NETLOGON messag ...)
@@ -71742,7 +71780,7 @@ CVE-2019-1379 (An elevation of privilege vulnerability exists when the Windows D
 CVE-2019-1378 (An elevation of privilege vulnerability exists in Windows 10 Update As ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1377
-	RESERVED
+	REJECTED
 CVE-2019-1376 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1375 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
@@ -71776,7 +71814,7 @@ CVE-2019-1362 (An elevation of privilege vulnerability exists in Windows when th
 CVE-2019-1361 (An information disclosure vulnerability exists in the way that Microso ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1360
-	RESERVED
+	REJECTED
 CVE-2019-1359 (A remote code execution vulnerability exists when the Windows Jet Data ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1358 (A remote code execution vulnerability exists when the Windows Jet Data ...)
@@ -71786,47 +71824,42 @@ CVE-2019-1357 (A spoofing vulnerability exists when Microsoft Browsers improperl
 CVE-2019-1356 (An information disclosure vulnerability exists when Microsoft Edge bas ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1355
-	RESERVED
-CVE-2019-1354
-	RESERVED
+	REJECTED
+CVE-2019-1354 (A remote code execution vulnerability exists when Git for Visual Studi ...)
 	- git 1:2.24.0-2 (unimportant)
 	[buster] - git 1:2.20.1-2+deb10u1
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=e1d911dd4c7b76a5a8cec0f5c8de15981e34da83
 	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1353
-	RESERVED
+	REJECTED
 	{DSA-4581-1 DLA-2059-1}
 	- git 1:2.24.0-2
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=9102f958ee5254b10c0be72672aa3305bf4f4704
 	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
-CVE-2019-1352
-	RESERVED
+CVE-2019-1352 (A remote code execution vulnerability exists when Git for Visual Studi ...)
 	{DSA-4581-1 DLA-2059-1}
 	- git 1:2.24.0-2
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=7c3745fc6185495d5765628b4dfe1bd2c25a2981
 	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 	NOTE: Additional hardening for .gitmodules (but not part of the CVE):
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=91bd46588e6959e6903e275f78b10bd07830d547
-CVE-2019-1351
-	RESERVED
+CVE-2019-1351 (A tampering vulnerability exists when Git for Visual Studio improperly ...)
 	- git 1:2.24.0-2 (unimportant)
 	[buster] - git 1:2.20.1-2+deb10u1
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=f82a97eb9197c1e3768e72648f37ce0ca3233734
 	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
-CVE-2019-1350
-	RESERVED
+CVE-2019-1350 (A remote code execution vulnerability exists when Git for Visual Studi ...)
 	- git 1:2.24.0-2 (unimportant)
 	[buster] - git 1:2.20.1-2+deb10u1
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=6d8684161ee9c03bed5cb69ae76dfdddb85a0003
 	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
-CVE-2019-1349
-	RESERVED
+CVE-2019-1349 (A remote code execution vulnerability exists when Git for Visual Studi ...)
 	{DSA-4581-1 DLA-2059-1}
 	- git 1:2.24.0-2
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=0060fd1511b94c918928fa3708f69a3f33895a4a
 	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1348
-	RESERVED
+	REJECTED
 	{DSA-4581-1 DLA-2059-1}
 	- git 1:2.24.0-2
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=68061e3470210703cb15594194718d35094afdc0
@@ -71902,7 +71935,7 @@ CVE-2019-1314 (A security feature bypass vulnerability exists in Windows 10 Mobi
 CVE-2019-1313 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1312
-	RESERVED
+	REJECTED
 CVE-2019-1311 (A remote code execution vulnerability exists when the Windows Imaging  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1310 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
@@ -71918,7 +71951,7 @@ CVE-2019-1306 (A remote code execution vulnerability exists when Azure DevOps Se
 CVE-2019-1305 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1304
-	RESERVED
+	REJECTED
 CVE-2019-1303 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1302 (An elevation of privilege vulnerability exists when a ASP.NET Core web ...)
@@ -71950,7 +71983,7 @@ CVE-2019-1290 (A remote code execution vulnerability exists in the Windows Remot
 CVE-2019-1289 (An elevation of privilege vulnerability exists when the Windows Update ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1288
-	RESERVED
+	REJECTED
 CVE-2019-1287 (An elevation of privilege vulnerability exists in the way that the Win ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1286 (An information disclosure vulnerability exists when the Windows GDI co ...)
@@ -71964,19 +71997,19 @@ CVE-2019-1283 (An information disclosure vulnerability exists in the way that Mi
 CVE-2019-1282 (An information disclosure exists in the Windows Common Log File System ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1281
-	RESERVED
+	REJECTED
 CVE-2019-1280 (A remote code execution vulnerability exists in Microsoft Windows that ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1279
-	RESERVED
+	REJECTED
 CVE-2019-1278 (An elevation of privilege vulnerability exists in the way that the uni ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1277 (An elevation of privilege vulnerability exists in Windows Audio Servic ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1276
-	RESERVED
+	REJECTED
 CVE-2019-1275
-	RESERVED
+	REJECTED
 CVE-2019-1274 (An information disclosure vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1273 (A cross-site-scripting (XSS) vulnerability exists when Active Director ...)
@@ -72106,13 +72139,13 @@ CVE-2019-1212 (A memory corruption vulnerability exists in the Windows Server DH
 CVE-2019-1211 (An elevation of privilege vulnerability exists in Git for Visual Studi ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1210
-	RESERVED
+	REJECTED
 CVE-2019-1209 (An information disclosure vulnerability exists in Lync 2013, aka 'Lync ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1208 (A remote code execution vulnerability exists in the way that the VBScr ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1207
-	RESERVED
+	REJECTED
 CVE-2019-1206 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1205 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
@@ -72144,11 +72177,11 @@ CVE-2019-1193 (A remote code execution vulnerability exists in the way that Micr
 CVE-2019-1192 (A security feature bypass vulnerability exists when Microsoft browsers ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1191
-	RESERVED
+	REJECTED
 CVE-2019-1190 (An elevation of privilege vulnerability exists in the way that the Win ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1189
-	RESERVED
+	REJECTED
 CVE-2019-1188 (A remote code execution vulnerability exists in Microsoft Windows that ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1187 (A denial of service vulnerability exists when the XmlLite runtime (Xml ...)
@@ -72196,7 +72229,7 @@ CVE-2019-1167 (A security feature bypass vulnerability exists in Windows Defende
 CVE-2019-1166 (A tampering vulnerability exists in Microsoft Windows when a man-in-th ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1165
-	RESERVED
+	REJECTED
 CVE-2019-1164 (An elevation of privilege vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1163 (A security feature bypass exists when Windows incorrectly validates CA ...)
@@ -72206,7 +72239,7 @@ CVE-2019-1162 (An elevation of privilege vulnerability exists when Windows impro
 CVE-2019-1161 (An elevation of privilege vulnerability exists when the MpSigStub.exe  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1160
-	RESERVED
+	REJECTED
 CVE-2019-1159 (An elevation of privilege vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1158 (An information disclosure vulnerability exists when the Windows GDI co ...)
@@ -72256,7 +72289,7 @@ CVE-2019-1137 (A cross-site-scripting (XSS) vulnerability exists when Microsoft
 CVE-2019-1136 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1135
-	RESERVED
+	REJECTED
 CVE-2019-1134 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1133 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -72298,9 +72331,9 @@ CVE-2019-1117 (A remote code execution vulnerability exists in the way that Dire
 CVE-2019-1116 (An information disclosure vulnerability exists when the Windows GDI co ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1115
-	RESERVED
+	REJECTED
 CVE-2019-1114
-	RESERVED
+	REJECTED
 CVE-2019-1113 (A remote code execution vulnerability exists in .NET software when the ...)
 	NOT-FOR-US: Microsoft .NET
 CVE-2019-1112 (An information disclosure vulnerability exists when Microsoft Excel im ...)
@@ -72396,7 +72429,7 @@ CVE-2019-1068 (A remote code execution vulnerability exists in Microsoft SQL Ser
 CVE-2019-1067 (An elevation of privilege vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1066
-	RESERVED
+	REJECTED
 CVE-2019-1065 (An elevation of privilege vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1064 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
@@ -72406,13 +72439,13 @@ CVE-2019-1063 (A remote code execution vulnerability exists when Internet Explor
 CVE-2019-1062 (A remote code execution vulnerability exists in the way that the Chakr ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1061
-	RESERVED
+	REJECTED
 CVE-2019-1060 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1059 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1058
-	RESERVED
+	REJECTED
 CVE-2019-1057 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1056 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -72444,7 +72477,7 @@ CVE-2019-1044 (A security feature bypass vulnerability exists when Windows Secur
 CVE-2019-1043 (A remote code execution vulnerability exists in the way that comctl32. ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1042
-	RESERVED
+	REJECTED
 CVE-2019-1041 (An elevation of privilege vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1040 (A tampering vulnerability exists in Microsoft Windows when a man-in-th ...)
@@ -72488,7 +72521,7 @@ CVE-2019-1022 (An elevation of privilege exists in Windows Audio Service, aka 'W
 CVE-2019-1021 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1020
-	RESERVED
+	REJECTED
 CVE-2019-1019 (A security feature bypass vulnerability exists where a NETLOGON messag ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1018 (An elevation of privilege vulnerability exists when DirectX improperly ...)
@@ -72534,13 +72567,13 @@ CVE-2019-0999 (An elevation of privilege vulnerability exists when DirectX impro
 CVE-2019-0998 (An elevation of privilege vulnerability exists when the Storage Servic ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0997
-	RESERVED
+	REJECTED
 CVE-2019-0996 (A spoofing vulnerability exists in Azure DevOps Server when it imprope ...)
 	NOT-FOR-US: Azure DevOps Server / Microsoft
 CVE-2019-0995 (A security feature bypass vulnerability exists when urlmon.dll imprope ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0994
-	RESERVED
+	REJECTED
 CVE-2019-0993 (A remote code execution vulnerability exists in the way that the Chakr ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0992 (A remote code execution vulnerability exists in the way that the Chakr ...)
@@ -72554,7 +72587,7 @@ CVE-2019-0989 (A remote code execution vulnerability exists in the way that the
 CVE-2019-0988 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0987
-	RESERVED
+	REJECTED
 CVE-2019-0986 (An elevation of privilege vulnerability exists when the Windows User P ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0985 (A remote code execution vulnerability exists when the Microsoft Speech ...)
@@ -72572,7 +72605,7 @@ CVE-2019-0980 (A denial of service vulnerability exists when .NET Framework or .
 CVE-2019-0979 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0978
-	RESERVED
+	REJECTED
 CVE-2019-0977 (An information disclosure vulnerability exists when the Windows GDI co ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0976 (A tampering vulnerability exists in the NuGet Package Manager for Linu ...)
@@ -72591,19 +72624,19 @@ CVE-2019-0972 (This security update corrects a denial of service in the Local Se
 CVE-2019-0971 (An information disclosure vulnerability exists when Azure DevOps Serve ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0970
-	RESERVED
+	REJECTED
 CVE-2019-0969
-	RESERVED
+	REJECTED
 CVE-2019-0968 (An information disclosure vulnerability exists when the Windows GDI co ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0967
-	RESERVED
+	REJECTED
 CVE-2019-0966 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0965 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0964
-	RESERVED
+	REJECTED
 CVE-2019-0963 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0962 (An elevation of privilege vulnerability exists in Azure Automation "Ru ...)
@@ -72621,9 +72654,9 @@ CVE-2019-0957 (An elevation of privilege vulnerability exists when Microsoft Sha
 CVE-2019-0956 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0955
-	RESERVED
+	REJECTED
 CVE-2019-0954
-	RESERVED
+	REJECTED
 CVE-2019-0953 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0952 (A remote code execution vulnerability exists in Microsoft SharePoint S ...)
@@ -72643,7 +72676,7 @@ CVE-2019-0946 (A remote code execution vulnerability exists when the Microsoft O
 CVE-2019-0945 (A remote code execution vulnerability exists when the Microsoft Office ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0944
-	RESERVED
+	REJECTED
 CVE-2019-0943 (An elevation of privilege vulnerability exists when Windows improperly ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0942 (An elevation of privilege vulnerability exists in the Unified Write Fi ...)
@@ -72653,7 +72686,7 @@ CVE-2019-0941 (A denial of service exists in Microsoft IIS Server when the optio
 CVE-2019-0940 (A remote code execution vulnerability exists in the way that Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0939
-	RESERVED
+	REJECTED
 CVE-2019-0938 (An elevation of privilege vulnerability exists in Microsoft Edge that  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0937 (A remote code execution vulnerability exists in the way that the Chakr ...)
@@ -72661,9 +72694,9 @@ CVE-2019-0937 (A remote code execution vulnerability exists in the way that the
 CVE-2019-0936 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0935
-	RESERVED
+	REJECTED
 CVE-2019-0934
-	RESERVED
+	REJECTED
 CVE-2019-0933 (A remote code execution vulnerability exists in the way that the Chakr ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0932 (An information disclosure vulnerability exists in Skype for Android, a ...)
@@ -72693,7 +72726,7 @@ CVE-2019-0921 (An spoofing vulnerability exists when Internet Explorer improperl
 CVE-2019-0920 (A remote code execution vulnerability exists in the way the scripting  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0919
-	RESERVED
+	REJECTED
 CVE-2019-0918 (A remote code execution vulnerability exists in the way the scripting  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0917 (A remote code execution vulnerability exists in the way that the Chakr ...)
@@ -72711,7 +72744,7 @@ CVE-2019-0912 (A remote code execution vulnerability exists in the way that the
 CVE-2019-0911 (A remote code execution vulnerability exists in the way the scripting  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0910
-	RESERVED
+	REJECTED
 CVE-2019-0909 (A remote code execution vulnerability exists when the Windows Jet Data ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0908 (A remote code execution vulnerability exists when the Windows Jet Data ...)
@@ -72765,7 +72798,7 @@ CVE-2019-0885 (A remote code execution vulnerability exists when Microsoft Windo
 CVE-2019-0884 (A remote code execution vulnerability exists in the way the scripting  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0883
-	RESERVED
+	REJECTED
 CVE-2019-0882 (An information disclosure vulnerability exists when the Windows GDI co ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0881 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
@@ -72775,7 +72808,7 @@ CVE-2019-0880 (A local elevation of privilege vulnerability exists in how splwow
 CVE-2019-0879 (A remote code execution vulnerability exists when the Windows Jet Data ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0878
-	RESERVED
+	REJECTED
 CVE-2019-0877 (A remote code execution vulnerability exists when the Windows Jet Data ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0876 (An information disclosure vulnerability exists when affected Open Encl ...)
@@ -72785,7 +72818,7 @@ CVE-2019-0875 (An elevation of privilege vulnerability exists when Azure DevOps
 CVE-2019-0874 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0873
-	RESERVED
+	REJECTED
 CVE-2019-0872 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0871 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
@@ -72821,17 +72854,17 @@ CVE-2019-0857 (A spoofing vulnerability that could allow a security feature bypa
 CVE-2019-0856 (A remote code execution vulnerability exists when Windows improperly h ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2019-0855
-	RESERVED
+	REJECTED
 CVE-2019-0854
-	RESERVED
+	REJECTED
 CVE-2019-0853 (A remote code execution vulnerability exists in the way that the Windo ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0852
-	RESERVED
+	REJECTED
 CVE-2019-0851 (A remote code execution vulnerability exists when the Windows Jet Data ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0850
-	RESERVED
+	REJECTED
 CVE-2019-0849 (An information disclosure vulnerability exists when the Windows GDI co ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0848 (An information disclosure vulnerability exists when the win32k compone ...)
@@ -72845,7 +72878,7 @@ CVE-2019-0845 (A remote code execution vulnerability exists when the IOleCvt int
 CVE-2019-0844 (An information disclosure vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2019-0843
-	RESERVED
+	REJECTED
 CVE-2019-0842 (A remote code execution vulnerability exists in the way that the VBScr ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0841 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
@@ -72863,11 +72896,11 @@ CVE-2019-0836 (An elevation of privilege vulnerability exists when Windows impro
 CVE-2019-0835 (An information disclosure vulnerability exists when the scripting engi ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0834
-	RESERVED
+	REJECTED
 CVE-2019-0833 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0832
-	RESERVED
+	REJECTED
 CVE-2019-0831 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0830 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
@@ -72895,7 +72928,7 @@ CVE-2019-0820 (A denial of service vulnerability exists when .NET Framework and
 CVE-2019-0819 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0818
-	RESERVED
+	REJECTED
 CVE-2019-0817 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0816 (A security feature bypass exists in Azure SSH Keypairs, due to a chang ...)
@@ -72921,7 +72954,7 @@ CVE-2019-0809 (A remote code execution vulnerability exists when the Visual Stud
 CVE-2019-0808 (An elevation of privilege vulnerability exists in Windows when the Win ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2019-0807
-	RESERVED
+	REJECTED
 CVE-2019-0806 (A remote code execution vulnerability exists in the way that the Chakr ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0805 (An elevation of privilege vulnerability exists when Windows improperly ...)
@@ -72936,9 +72969,9 @@ CVE-2019-0802 (An information disclosure vulnerability exists when the Windows G
 CVE-2019-0801 (A remote code execution vulnerability exists when Microsoft Office fai ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0800
-	RESERVED
+	REJECTED
 CVE-2019-0799
-	RESERVED
+	REJECTED
 CVE-2019-0798 (A spoofing vulnerability exists when a Lync Server or Skype for Busine ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0797 (An elevation of privilege vulnerability exists in Windows when the Win ...)
@@ -72958,7 +72991,7 @@ CVE-2019-0791 (A remote code execution vulnerability exists when the Microsoft X
 CVE-2019-0790 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0789
-	RESERVED
+	REJECTED
 CVE-2019-0788 (A remote code execution vulnerability exists in the Windows Remote Des ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0787 (A remote code execution vulnerability exists in the Windows Remote Des ...)
@@ -72974,7 +73007,7 @@ CVE-2019-0783 (A remote code execution vulnerability exists in the way that the
 CVE-2019-0782 (An information disclosure vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2019-0781
-	RESERVED
+	REJECTED
 CVE-2019-0780 (A remote code execution vulnerability exists in the way that Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0779 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
@@ -73016,7 +73049,7 @@ CVE-2019-0762 (A security feature bypass vulnerability exists when Microsoft bro
 CVE-2019-0761 (A security feature bypass vulnerability exists when Internet Explorer  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0760
-	RESERVED
+	REJECTED
 CVE-2019-0759 (An information disclosure vulnerability exists when the Windows Print  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0758 (An information disclosure vulnerability exists when the Windows GDI co ...)
@@ -73038,21 +73071,21 @@ CVE-2019-0753 (A remote code execution vulnerability exists in the way that the
 CVE-2019-0752 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0751
-	RESERVED
+	REJECTED
 CVE-2019-0750
-	RESERVED
+	REJECTED
 CVE-2019-0749
-	RESERVED
+	REJECTED
 CVE-2019-0748 (A remote code execution vulnerability exists when the Microsoft Office ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0747
-	RESERVED
+	REJECTED
 CVE-2019-0746 (An information disclosure vulnerability exists when the scripting engi ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0745
-	RESERVED
+	REJECTED
 CVE-2019-0744
-	RESERVED
+	REJECTED
 CVE-2019-0743 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
 	NOT-FOR-US: Microsoft Team Foundation Server
 CVE-2019-0742 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
@@ -73060,13 +73093,13 @@ CVE-2019-0742 (A Cross-site Scripting (XSS) vulnerability exists when Team Found
 CVE-2019-0741 (An information disclosure vulnerability exists in the way Azure IoT Ja ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0740
-	RESERVED
+	REJECTED
 CVE-2019-0739 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0738
-	RESERVED
+	REJECTED
 CVE-2019-0737
-	RESERVED
+	REJECTED
 CVE-2019-0736 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0735 (An elevation of privilege vulnerability exists when the Windows Client ...)
@@ -73128,9 +73161,9 @@ CVE-2019-0708 (A remote code execution vulnerability exists in Remote Desktop Se
 CVE-2019-0707 (An elevation of privilege vulnerability exists in the Network Driver I ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0706
-	RESERVED
+	REJECTED
 CVE-2019-0705
-	RESERVED
+	REJECTED
 CVE-2019-0704 (An information disclosure vulnerability exists in the way that the Win ...)
 	NOT-FOR-US: Windows SMB Server
 CVE-2019-0703 (An information disclosure vulnerability exists in the way that the Win ...)
@@ -73140,9 +73173,9 @@ CVE-2019-0702 (An information disclosure vulnerability exists when the Windows k
 CVE-2019-0701 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0700
-	RESERVED
+	REJECTED
 CVE-2019-0699
-	RESERVED
+	REJECTED
 CVE-2019-0698 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0697 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
@@ -73158,7 +73191,7 @@ CVE-2019-0693 (An elevation of privilege vulnerability exists due to an integer
 CVE-2019-0692 (An elevation of privilege vulnerability exists due to an integer overf ...)
 	NOT-FOR-US: Microsoft Windows Subsystem for Linux
 CVE-2019-0691
-	RESERVED
+	REJECTED
 CVE-2019-0690 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0689 (An elevation of privilege vulnerability exists due to an integer overf ...)
@@ -73166,27 +73199,27 @@ CVE-2019-0689 (An elevation of privilege vulnerability exists due to an integer
 CVE-2019-0688 (An information disclosure vulnerability exists when the Windows TCP/IP ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2019-0687
-	RESERVED
+	REJECTED
 CVE-2019-0686 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0685 (An elevation of privilege vulnerability exists in Windows when the Win ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2019-0684
-	RESERVED
+	REJECTED
 CVE-2019-0683 (An elevation of privilege vulnerability exists in Active Directory For ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0682 (An elevation of privilege vulnerability exists due to an integer overf ...)
 	NOT-FOR-US: Microsoft Windows Subsystem for Linux
 CVE-2019-0681
-	RESERVED
+	REJECTED
 CVE-2019-0680 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0679
-	RESERVED
+	REJECTED
 CVE-2019-0678 (An elevation of privilege vulnerability exists when Microsoft Edge doe ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0677
-	RESERVED
+	REJECTED
 CVE-2019-0676 (An information disclosure vulnerability exists when Internet Explorer  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0675 (A remote code execution vulnerability exists when the Microsoft Office ...)
@@ -73234,7 +73267,7 @@ CVE-2019-0655 (A remote code execution vulnerability exists in the way that the
 CVE-2019-0654 (A spoofing vulnerability exists when Microsoft browsers improperly han ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0653
-	RESERVED
+	REJECTED
 CVE-2019-0652 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0651 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -73264,7 +73297,7 @@ CVE-2019-0640 (A remote code execution vulnerability exists in the way that the
 CVE-2019-0639 (A remote code execution vulnerability exists in the way that the Chakr ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0638
-	RESERVED
+	REJECTED
 CVE-2019-0637 (A security feature bypass vulnerability exists when Windows Defender F ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0636 (An information vulnerability exists when Windows improperly discloses  ...)
@@ -73282,7 +73315,7 @@ CVE-2019-0631 (A security feature bypass vulnerability exists in Windows which c
 CVE-2019-0630 (A remote code execution vulnerability exists in the way that the Micro ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0629
-	RESERVED
+	REJECTED
 CVE-2019-0628 (An information disclosure vulnerability exists when the win32k compone ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0627 (A security feature bypass vulnerability exists in Windows which could  ...)
@@ -73362,11 +73395,11 @@ CVE-2019-0591 (A remote code execution vulnerability exists in the way that the
 CVE-2019-0590 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0589
-	RESERVED
+	REJECTED
 CVE-2019-0588 (An information disclosure vulnerability exists when the Microsoft Exch ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0587
-	RESERVED
+	REJECTED
 CVE-2019-0586 (A remote code execution vulnerability exists in Microsoft Exchange sof ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0585 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
@@ -73414,7 +73447,7 @@ CVE-2019-0565 (A remote code execution vulnerability exists when Microsoft Edge
 CVE-2019-0564 (A denial of service vulnerability exists when ASP.NET Core improperly  ...)
 	NOT-FOR-US: .NET core
 CVE-2019-0563
-	RESERVED
+	REJECTED
 CVE-2019-0562 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0561 (An information disclosure vulnerability exists when Microsoft Word mac ...)
@@ -73452,10 +73485,11 @@ CVE-2019-0546 (A remote code execution vulnerability exists in Visual Studio whe
 CVE-2019-0545 (An information disclosure vulnerability exists in .NET Framework and . ...)
 	NOT-FOR-US: .NET core
 CVE-2019-0544
-	RESERVED
+	REJECTED
 CVE-2019-0543 (An elevation of privilege vulnerability exists when Windows improperly ...)
 	NOT-FOR-US: Microsoft
-CVE-2019-0542 (A remote code execution vulnerability exists in Xterm.js when the comp ...)
+CVE-2019-0542
+	REJECTED
 	- node-xterm <unfixed> (unimportant; bug #926670)
 	NOTE: nodejs not covered by security support
 CVE-2019-0541 (A remote code execution vulnerability exists in the way that the MSHTM ...)
@@ -103813,8 +103847,8 @@ CVE-2018-8656
 	RESERVED
 CVE-2018-8655
 	RESERVED
-CVE-2018-8654
-	RESERVED
+CVE-2018-8654 (An elevation of privilege vulnerability exists in Microsoft Dynamics 3 ...)
+	TODO: check
 CVE-2018-8653 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2018-8652 (A Cross-site Scripting (XSS) vulnerability exists when Windows Azure P ...)
@@ -233425,45 +233459,39 @@ CVE-2015-1205 (Multiple unspecified vulnerabilities in Google Chrome before 40.0
 	[squeeze] - chromium-browser <end-of-life>
 	NOTE: See CVE-2014-9654 for the bug in src:icu
 CVE-2015-1203 [stack allocation with an attacker-controlled size -- modules/access/ftp.c]
-	RESERVED
+	REJECTED
 	NOTE: VLC issue disputed by upstream, see bug #775866
 CVE-2015-1202 [stack allocation with an attacker-controlled size -- modules/services_discovery/sap.c]
-	RESERVED
+	REJECTED
 	NOTE: VLC issue disputed by upstream, see bug #775866
 CVE-2015-1201 (Privoxy before 3.0.22 allows remote attackers to cause a denial of ser ...)
 	NOT-FOR-US: Bogus entry for Privoxy picked from Secunia
-CVE-2014-9630 [Invalid memory access in rtp code]
-	RESERVED
+CVE-2014-9630 (The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c  ...)
 	{DSA-3150-1}
 	- vlc 2.2.0~rc2-2 (bug #775866)
 	[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97
-CVE-2014-9629 [integer overflow with resultant buffer overflow]
-	RESERVED
+CVE-2014-9629 (Integer overflow in the Encode function in modules/codec/schroedinger. ...)
 	{DSA-3150-1}
 	- vlc 2.2.0~rc2-2 (bug #775866)
 	[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5
-CVE-2014-9628 [attacker-triggered zero-size malloc with resultant buffer overflow]
-	RESERVED
+CVE-2014-9628 (The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in Video ...)
 	{DSA-3150-1}
 	- vlc 2.2.0~rc2-2 (bug #775866)
 	[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
-CVE-2014-9627 [integer truncation on 32-bit platforms]
-	RESERVED
+CVE-2014-9627 (The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in Video ...)
 	{DSA-3150-1}
 	- vlc 2.2.0~rc2-2 (bug #775866)
 	[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
-CVE-2014-9626 [integer underflow]
-	RESERVED
+CVE-2014-9626 (Integer underflow in the MP4_ReadBox_String function in modules/demux/ ...)
 	{DSA-3150-1}
 	- vlc 2.2.0~rc2-2 (bug #775866)
 	[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
-CVE-2014-9625 [Buffer overflow in updater]
-	RESERVED
+CVE-2014-9625 (The GetUpdateFile function in misc/update.c in the Updater in VideoLAN ...)
 	- vlc <not-affected> (Update mechanism not enabled in the Debian package)
 	[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/815307295c5548c28fa04be8071c672e59305b96

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/815307295c5548c28fa04be8071c672e59305b96
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200125/39ab994a/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list