[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
794d1178 by Salvatore Bonaccorso at 2020-08-01T10:14:29+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -853,11 +853,11 @@ CVE-2020-15873 (In LibreNMS before 1.65.1, an authenticated attacker can achieve
 CVE-2020-15872
 	RESERVED
 CVE-2020-15871 (Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows ...)
-	TODO: check
+	NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
 CVE-2020-15870 (Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow ...)
-	TODO: check
+	NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
 CVE-2020-15869 (Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow ...)
-	TODO: check
+	NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
 CVE-2020-15868
 	RESERVED
 CVE-2020-15867
@@ -28252,9 +28252,9 @@ CVE-2020-5416
 CVE-2020-5415
 	RESERVED
 CVE-2020-5414 (VMware Tanzu Application Service for VMs (2.7.x versions prior to 2.7. ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2020-5413 (Spring Integration framework provides Kryo Codec implementations as an ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2020-5412
 	RESERVED
 CVE-2020-5411 (When configured to enable default typing, Jackson contained a deserial ...)
@@ -28297,7 +28297,7 @@ CVE-2020-5397 (Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to
 	NOTE: https://github.com/spring-projects/spring-framework/issues/24327
 	NOTE: https://github.com/spring-projects/spring-framework/commit/bc7d01048579430b4b2df668178809b63d3f1929
 CVE-2020-5396 (VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and  ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2020-5395 (FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd. ...)
 	- fontforge <unfixed> (bug #948231)
 	[buster] - fontforge <no-dsa> (Minor issue)
@@ -67078,7 +67078,7 @@ CVE-2019-11287 (Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior
 	[jessie] - rabbitmq-server <postponed> (Minor issue)
 	NOTE: https://pivotal.io/security/cve-2019-11287
 CVE-2019-11286 (VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and  ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2019-11285
 	REJECTED
 CVE-2019-11284 (Pivotal Reactor Netty, versions prior to 0.8.11, passes headers throug ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/794d11784378ffd3db49861950b00ed25747aae9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/794d11784378ffd3db49861950b00ed25747aae9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200801/c4c366ea/attachment.html>