[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Apr 23 09:50:01 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
892455d0 by Salvatore Bonaccorso at 2020-04-23T10:49:29+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2390,7 +2390,7 @@ CVE-2020-11541
 CVE-2020-11540
 	RESERVED
 CVE-2020-11539 (An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It  ...)
-	TODO: check
+	NOT-FOR-US: Tata Sonata Smart SF Rush 1.12 devices
 CVE-2020-11538
 	RESERVED
 CVE-2020-11537 (A SQL Injection issue was discovered in ONLYOFFICE Document Server 5.5 ...)
@@ -3500,7 +3500,7 @@ CVE-2020-11013
 CVE-2020-11012
 	RESERVED
 CVE-2020-11011 (In Phproject before version 1.7.8, there's a vulnerability which allow ...)
-	TODO: check
+	NOT-FOR-US: Phproject
 CVE-2020-11010 (In Tortoise ORM before versions 0.15.23 and 0.16.6, various forms of S ...)
 	NOT-FOR-US: Tortoise ORM
 CVE-2020-11009
@@ -3757,59 +3757,59 @@ CVE-2020-10917
 CVE-2020-10916
 	RESERVED
 CVE-2020-10915 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: VEEAM One Agent
 CVE-2020-10914 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: VEEAM One Agent
 CVE-2020-10913 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10912 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10911 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10910 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10909 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10908 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10907 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2020-10906 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2020-10905 (This vulnerability allows remote attackers to disclose sensitive infor ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10904 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10903 (This vulnerability allows remote attackers to disclose sensitive infor ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10902 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10901 (This vulnerability allows remote attackers to disclose sensitive infor ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10900 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2020-10899 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2020-10898 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10897 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10896 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10895 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10894 (This vulnerability allows remote attackers to disclose sensitive infor ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10893 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10892 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10891 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10890 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10889 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Foxit PhantomPDF
 CVE-2020-10888 (This vulnerability allows remote attackers to bypass authentication on ...)
 	NOT-FOR-US: TP-Link
 CVE-2020-10887 (This vulnerability allows a firewall bypass on affected installations  ...)
@@ -9625,13 +9625,13 @@ CVE-2020-8479
 CVE-2020-8478
 	RESERVED
 CVE-2020-8477 (The installations for ABB System 800xA Information Manager versions 5. ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8476
 	RESERVED
 CVE-2020-8475
 	RESERVED
 CVE-2020-8474 (Weak Registry permissions in ABB System 800xA Base allow low privilege ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8473
 	RESERVED
 CVE-2020-8472
@@ -28054,13 +28054,13 @@ CVE-2019-19109
 CVE-2019-19108 (An authentication weakness in the SNMP service in B&R Automation R ...)
 	NOT-FOR-US: B&R Automation Runtime
 CVE-2019-19107 (The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Ja ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2019-19106 (Improper implementation of Access Control in ABB Telephone Gateway TG/ ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2019-19105 (The backup function in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2019-19104 (The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186 ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2019-19103
 	RESERVED
 CVE-2019-19102
@@ -62746,9 +62746,9 @@ CVE-2019-8963
 CVE-2019-8962
 	RESERVED
 CVE-2019-8961 (A Denial of Service vulnerability related to stack exhaustion has been ...)
-	TODO: check
+	NOT-FOR-US: FlexNet Publisher
 CVE-2019-8960 (A Denial of Service vulnerability related to command handling has been ...)
-	TODO: check
+	NOT-FOR-US: FlexNet Publisher
 CVE-2019-8959
 	RESERVED
 CVE-2019-8958



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/892455d0a37ba5411b3bb6798d8cfb75cbf890c1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/892455d0a37ba5411b3bb6798d8cfb75cbf890c1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200423/7a6ae458/attachment.html>

More information about the debian-security-tracker-commits mailing list