[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Dec 2 13:37:25 GMT 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e6e3183 by Moritz Muehlenhoff at 2020-12-02T14:37:02+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2020-29455
 	RESERVED
 CVE-2020-29454 (Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user  ...)
-	TODO: check
+	NOT-FOR-US: Umbraco CMS
 CVE-2020-29453
 	RESERVED
 CVE-2020-29452
@@ -6366,7 +6366,7 @@ CVE-2020-27820
 CVE-2020-27819 [NULL pointer dereference via crafted xls file]
 	RESERVED
 	NOTE: https://github.com/libxls/libxls/issues/84
-	TODO: check, while r-cran-readxl, this particular issue seems not to affect the embedded copy and their usage
+	- r-cran-readxl <not-affected> (Embeds libxls, but not affected)
 CVE-2020-27818
 	RESERVED
 CVE-2020-27817
@@ -10376,7 +10376,7 @@ CVE-2020-26247
 CVE-2020-26246
 	RESERVED
 CVE-2020-26245 (npm package systeminformation before version 4.30.5 is vulnerable to P ...)
-	TODO: check
+	NOT-FOR-US: Node systeminformation
 CVE-2020-26244
 	RESERVED
 CVE-2020-26243 (Nanopb is a small code-size Protocol Buffers implementation. In Nanopb ...)
@@ -36854,7 +36854,7 @@ CVE-2020-14195 (FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the in
 CVE-2020-14194 (Zulip Server before 2.1.5 allows reverse tabnapping via a topic header ...)
 	- zulip-server <itp> (bug #800052)
 CVE-2020-14193 (Affected versions of Automation for Jira - Server allowed remote attac ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2020-14192
 	RESERVED
 CVE-2020-14191 (Affected versions of Atlassian Fisheye/Crucible allow remote attackers ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e6e3183749cc2c95c3467e4d796e1ae953d52f7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e6e3183749cc2c95c3467e4d796e1ae953d52f7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201202/48a3292e/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list