[Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs

Tue, 01 Oct 2019 13:23:04 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
433fa4ba by Salvatore Bonaccorso at 2019-10-01T20:20:29Z
Process some NFUs

- - - - -
f17f6a50 by Salvatore Bonaccorso at 2019-10-01T20:20:30Z
Add CVE-2019-1706{7,8,9}/putty

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2019-17074 (An issue was discovered in XunRuiCMS 4.3.1. There is a stored 
XSS in t ...)
-       TODO: check
+       NOT-FOR-US: XunRuiCMS
 CVE-2019-17073 (emlog through 6.0.0beta allows remote authenticated users to 
delete ar ...)
-       TODO: check
+       NOT-FOR-US: emlog
 CVE-2019-17072
        RESERVED
 CVE-2019-17071
@@ -9,11 +9,15 @@ CVE-2019-17071
 CVE-2019-17070
        RESERVED
 CVE-2019-17069 (PuTTY before 0.73 might allow remote SSH-1 servers to cause a 
denial o ...)
-       TODO: check
+       - putty 0.73-1
+       NOTE: 
https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html
 CVE-2019-17068 (PuTTY before 0.73 mishandles the "bracketed paste mode" 
protection mec ...)
-       TODO: check
+       - putty 0.73-1
+       NOTE: 
https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html
+       TODO: check, potentially only broken in 0.72.
 CVE-2019-17067 (PuTTY before 0.73 on Windows improperly opens port-forwarding 
listenin ...)
-       TODO: check
+       - putty <not-affected> (Windows-specific)
+       NOTE: 
https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html
 CVE-2019-17066
        RESERVED
 CVE-2019-17065



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/b84607d55cadf00d317ce7fc53848a7846afc1e0...f17f6a50e3fe0030f9b76fa708c15b7654167d50

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/b84607d55cadf00d317ce7fc53848a7846afc1e0...f17f6a50e3fe0030f9b76fa708c15b7654167d50
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to