Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
394838aa by Salvatore Bonaccorso at 2019-08-21T06:08:06Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -284,7 +284,7 @@ CVE-2019-15151 (AdPlug 2.3.1 has a double free in the
Cu6mPlayer class in u6m.h.
CVE-2019-15150 (In the OAuth2 Client extension before 0.4 for MediaWiki, a
CSRF vulner ...)
NOT-FOR-US: OAuth2 Client MediaWiki extension
CVE-2019-15149 (** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that
drops t ...)
- TODO: check
+ NOT-FOR-US: Mitogen
CVE-2018-20976 (An issue was discovered in fs/xfs/xfs_super.c in the Linux
kernel befo ...)
- linux 4.18.6-1
NOTE:
https://git.kernel.org/linus/c9fbd7bbc23dbdd73364be4d045e5d3612cf6e82
@@ -351,11 +351,11 @@ CVE-2019-15139 (The XWD image (X Window System window
dumping file) parsing comp
CVE-2019-15138
RESERVED
CVE-2019-15137 (The Access Control plugin in eProsima Fast RTPS through 1.9.0
allows f ...)
- TODO: check
+ NOT-FOR-US: eProsima Fast RTPS
CVE-2019-15136 (The Access Control plugin in eProsima Fast RTPS through 1.9.0
does not ...)
- TODO: check
+ NOT-FOR-US: eProsima Fast RTPS
CVE-2019-15135 (The handshake protocol in Object Management Group (OMG) DDS
Security 1 ...)
- TODO: check
+ NOT-FOR-US: Object Management Group (OMG) DDS Security
CVE-2019-15134 (RIOT through 2019.07 contains a memory leak in the TCP
implementation ...)
NOT-FOR-US: RIOT RIOT-OS
CVE-2019-15133 (In GIFLIB before 2019-02-16, a malformed GIF file triggers a
divide-by ...)
@@ -7295,7 +7295,7 @@ CVE-2019-13071 (CSRF in the Agent/Center component of
CyberPower PowerPanel Busi
CVE-2019-13070 (A stored XSS vulnerability in the Agent/Center component of
CyberPower ...)
NOT-FOR-US: CyberPower PowerPanel Business Edition
CVE-2019-13069 (extenua SilverSHielD 6.x fails to secure its ProgramData
folder, leadi ...)
- TODO: check
+ NOT-FOR-US: extenua SilverSHielD
CVE-2019-13068 (public/app/features/panel/panel_ctrl.ts in Grafana before
6.2.5 allows ...)
- grafana <removed>
NOTE: https://github.com/grafana/grafana/issues/17718
@@ -12302,9 +12302,9 @@ CVE-2019-11165
CVE-2019-11164
RESERVED
CVE-2019-11163 (Insufficient access control in a hardware abstraction driver
for Intel ...)
- TODO: check
+ NOT-FOR-US: Intel(R) Processor Identification Utility for Windows
CVE-2019-11162 (Insufficient access control in hardware abstraction in SEMA
driver for ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-11161
RESERVED
CVE-2019-11160
@@ -12332,23 +12332,23 @@ CVE-2019-11150
CVE-2019-11149
RESERVED
CVE-2019-11148 (Improper permissions in the installer for Intel(R) Remote
Displays SDK ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-11147
RESERVED
CVE-2019-11146 (Improper file verification in Intel® Driver & Support
Assista ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-11145 (Improper file verification in Intel® Driver & Support
Assista ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-11144
RESERVED
CVE-2019-11143 (Improper permissions in the software installer for Intel(R)
Authentica ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-11142
RESERVED
CVE-2019-11141
RESERVED
CVE-2019-11140 (Insufficient session validation in system firmware for
Intel(R) NUC ma ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-11139
RESERVED
CVE-2019-11138
@@ -26102,7 +26102,7 @@ CVE-2019-6180
CVE-2019-6179
RESERVED
CVE-2019-6178 (An information leakage vulnerability in Iomega and LenovoEMC
NAS produ ...)
- TODO: check
+ NOT-FOR-US: Iomega and LenovoEMC NAS products
CVE-2019-6177
RESERVED
CVE-2019-6176
@@ -26116,7 +26116,7 @@ CVE-2019-6173
CVE-2019-6172
RESERVED
CVE-2019-6171 (A vulnerability was reported in various BIOS versions of older
ThinkPa ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2019-6170
RESERVED
CVE-2019-6169 (A vulnerability reported in Lenovo Service Bridge before
version 4.1.0 ...)
@@ -26128,7 +26128,7 @@ CVE-2019-6167 (A vulnerability reported in Lenovo
Service Bridge before version
CVE-2019-6166 (A vulnerability reported in Lenovo Service Bridge before
version 4.1.0 ...)
NOT-FOR-US: Lenovo Service Bridge
CVE-2019-6165 (A DLL search path vulnerability was reported in PaperDisplay
Hotkey Se ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2019-6164
RESERVED
CVE-2019-6163 (A denial of service vulnerability was reported in Lenovo System
Update ...)
@@ -26140,7 +26140,7 @@ CVE-2019-6161
CVE-2019-6160 (A vulnerability in various versions of Iomega and LenovoEMC NAS
produc ...)
NOT-FOR-US: Iomega and LenovoEMC NAS products
CVE-2019-6159 (A stored cross-site scripting (XSS) vulnerability exists in
various fi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-6158 (An internal product security audit of Lenovo XClarity
Administrator (L ...)
NOT-FOR-US: Lenovo XClarity Administrator (LXCA)
CVE-2019-6157 (In various firmware versions of Lenovo System x, the integrated
manage ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/394838aac81deb94788ff6dd44e3d03035a1865f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/394838aac81deb94788ff6dd44e3d03035a1865f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
