Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 81100da7 by Salvatore Bonaccorso at 2022-09-11T14:27:57+02:00 Adjust tracking for kanboard landing in unstable All issues were fixed in a version before the initial upload to Debian, and never an issue with the source in Debian. As such mark those as not-affected with our Fixed before initial upload to Debian reason. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -242966,7 +242966,7 @@ CVE-2019-7325 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through NOTE: https://github.com/ZoneMinder/zoneminder/commit/99f1e23c5b115b46265ab78d57fd6548490c6802 NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone CVE-2019-7324 (app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2019-7323 (GUP (generic update process) in LightySoft LogMX before 7.4.0 does not ...) NOT-FOR-US: LightySoft LogMX CVE-2019-7322 @@ -323623,41 +323623,41 @@ CVE-2017-15214 (Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allo CVE-2017-15213 (Stored XSS vulnerability in Flyspray before 1.0-rc6 allows an authenti ...) NOT-FOR-US: Flyspray CVE-2017-15212 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15211 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15210 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15209 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15208 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15207 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15206 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15205 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15204 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15203 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15202 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15201 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15200 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15199 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15198 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15197 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15196 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15195 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-15193 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector cou ...) - wireshark 2.4.2-1 (low) [jessie] - wireshark <not-affected> (Vulnerable code not present) @@ -331043,9 +331043,9 @@ CVE-2017-12852 (The numpy.pad function in Numpy 1.13.1 and older versions is mis NOTE: https://github.com/numpy/numpy/issues/9560#issuecomment-322395292 NOTE: Negligible security impact CVE-2017-12851 (An authenticated standard user could reset the password of the admin b ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2017-12850 (An authenticated standard user could reset the password of other users ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) NOTE: https://github.com/kanboard/kanboard/commit/88dd6abbf3f519897f2f6280e95c9eec9123a4ae CVE-2017-12849 (Response discrepancy in the login and password reset forms in SilverSt ...) NOT-FOR-US: SilverStripe CMS @@ -439375,7 +439375,7 @@ CVE-2014-3940 (The Linux kernel through 3.14.5 does not properly consider the pr CVE-2014-3925 (sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux ( ...) - sosreport <not-affected> (RedHat-specific issue) CVE-2014-3920 (Cross-site request forgery (CSRF) vulnerability in Kanboard before 1.0 ...) - - kanboard 1.2.22+ds-1 (bug #790814) + - kanboard <not-affected> (Fixed before initial upload to Debian) CVE-2014-3919 (A vulnerability exists in Netgear CG3100 devices before 3.9.2421.13.mp ...) NOT-FOR-US: Netgear CVE-2014-3918 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81100da7fd4451dd7a10ddd0e243af84259dcc5d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81100da7fd4451dd7a10ddd0e243af84259dcc5d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits