[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Apr 22 19:41:23 BST 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
652e6666 by Moritz Muehlenhoff at 2020-04-22T20:41:05+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -235,7 +235,7 @@ CVE-2020-11946 (Zoho ManageEngine OpManager before 125120 allows an unauthentica
 CVE-2020-11945
 	RESERVED
 CVE-2020-11944 (Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in __call_ ...)
-	TODO: check
+	NOT-FOR-US: bitcoin-abe
 CVE-2020-11943
 	RESERVED
 CVE-2020-11942
@@ -3458,7 +3458,7 @@ CVE-2020-11012
 CVE-2020-11011
 	RESERVED
 CVE-2020-11010 (In Tortoise ORM before versions 0.15.23 and 0.16.6, various forms of S ...)
-	TODO: check
+	NOT-FOR-US: Tortoise ORM
 CVE-2020-11009
 	RESERVED
 CVE-2020-11008 (Affected versions of Git have a vulnerability whereby Git can be trick ...)
@@ -4813,7 +4813,7 @@ CVE-2020-10571 (An issue was discovered in psd-tools before 1.9.4. The Cython im
 CVE-2020-10570 (The Telegram application through 5.12 for Android, when Show Popup is  ...)
 	NOT-FOR-US: Telegram for Android
 CVE-2020-10569 (SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, w ...)
-	TODO: check
+	NOT-FOR-US: SysAid On-Premise
 CVE-2020-10568 (The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for Word ...)
 	NOT-FOR-US: sitepress-multilingual-cms (WPML) plugin for WordPress
 CVE-2020-10567 (An issue was discovered in Responsive Filemanager through 9.14.0. In t ...)
@@ -16996,7 +16996,7 @@ CVE-2020-5270 (In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is an o
 CVE-2020-5269 (In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a reflect ...)
 	NOT-FOR-US: PrestaShop
 CVE-2020-5268 (In Saml2 Authentication Services for ASP.NET before versions 2.7.0 and ...)
-	TODO: check
+	NOT-FOR-US: Saml2 Authentication Services for ASP.NET
 CVE-2020-5267 (In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible ...)
 	{DLA-2149-1}
 	- rails 2:5.2.4.1+dfsg-2 (bug #954304)
@@ -20186,7 +20186,7 @@ CVE-2020-3948 (Linux Guest VMs running on VMware Workstation (15.x before 15.5.2
 CVE-2020-3947 (VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2 ...)
 	NOT-FOR-US: VMware
 CVE-2020-3946 (InstallBuilder AutoUpdate tool and regular installers enabling <che ...)
-	TODO: check
+	NOT-FOR-US: InstallBuilder
 CVE-2020-3945 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ...)
 	NOT-FOR-US: VMware
 CVE-2020-3944 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ...)
@@ -20315,7 +20315,7 @@ CVE-2019-20104 (The OpenID client application in Atlassian Crowd before version
 CVE-2019-20103
 	RESERVED
 CVE-2019-20102 (The attachment-uploading feature in Atlassian Confluence Server from v ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2019-20101
 	RESERVED
 CVE-2019-20100 (The Atlassian Application Links plugin is vulnerable to cross-site req ...)
@@ -28005,7 +28005,7 @@ CVE-2019-19110
 CVE-2019-19109
 	RESERVED
 CVE-2019-19108 (An authentication weakness in the SNMP service in B&R Automation R ...)
-	TODO: check
+	NOT-FOR-US: B&R Automation Runtime
 CVE-2019-19107
 	RESERVED
 CVE-2019-19106
@@ -35421,7 +35421,7 @@ CVE-2019-17527 (dataForDepandantField in models/custormfields.php in the JS JOBS
 CVE-2019-17526 (** DISPUTED ** An issue was discovered in SageMath Sage Cell Server th ...)
 	NOT-FOR-US: Sage Cell Server (not part of SafeMath as packaged in Debian)
 CVE-2019-17525 (The login page on D-Link DIR-615 T1 20.10 devices allows remote attack ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2019-17524 (An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows r ...)
 	NOT-FOR-US: Technicolor TC7300 STFA.51.20 devices
 CVE-2019-17523 (An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows r ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/652e6666b5c2fa43ee9b5950656613fad3703580

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/652e6666b5c2fa43ee9b5950656613fad3703580
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200422/66ba6e13/attachment.html>

More information about the debian-security-tracker-commits mailing list