[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Dec 7 20:19:08 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a8afbcb2 by Salvatore Bonaccorso at 2020-12-07T21:18:47+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2020-29597
 CVE-2020-29596
 	RESERVED
 CVE-2020-29595 (PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 ...)
-	TODO: check
+	NOT-FOR-US: ACDSee Photo Studio Studio Professional
 CVE-2020-29594
 	RESERVED
 CVE-2020-29593
@@ -1598,7 +1598,7 @@ CVE-2020-28952
 CVE-2020-28951 (libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter ...)
 	NOT-FOR-US: libuci in OpenWrt
 CVE-2020-28950 (The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4 ...)
-	TODO: check
+	NOT-FOR-US: installer of Kaspersky Anti-Ransomware Tool (KART)
 CVE-2020-28949 (Archive_Tar through 1.4.10 has :// filename sanitization only to addre ...)
 	{DLA-2466-1 DLA-2465-1}
 	- drupal7 <removed>
@@ -2099,7 +2099,7 @@ CVE-2020-28729
 CVE-2020-28728
 	RESERVED
 CVE-2020-28727 (Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid p ...)
-	TODO: check
+	NOT-FOR-US: SeedDMS
 CVE-2020-28726 (Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter  ...)
 	NOT-FOR-US: SeedDMS
 CVE-2020-28725
@@ -8931,7 +8931,7 @@ CVE-2020-27152 (An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kv
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=208767
 	NOTE: https://git.kernel.org/linus/77377064c3a94911339f13ce113b3abf265e06da
 CVE-2020-27151 (An issue was discovered in Kata Containers through 1.11.3 and 2.x thro ...)
-	TODO: check
+	NOT-FOR-US: Kata Containers
 CVE-2020-27153 (In BlueZ before 5.55, a double free was found in the gatttool disconne ...)
 	{DLA-2410-1}
 	- bluez 5.55-1
@@ -10400,7 +10400,7 @@ CVE-2020-26515
 CVE-2020-26514
 	RESERVED
 CVE-2020-26513 (An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP ...)
-	TODO: check
+	NOT-FOR-US: Intland codeBeamer ALM
 CVE-2020-26512
 	RESERVED
 CVE-2020-26511 (The wpo365-login plugin before v11.7 for WordPress allows use of a sym ...)
@@ -11247,7 +11247,7 @@ CVE-2020-26124 (openmediavault before 4.1.36 and 5.x before 5.5.12 allows authen
 CVE-2020-26123
 	RESERVED
 CVE-2020-26122 (Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remot ...)
-	TODO: check
+	NOT-FOR-US: Inspur NF5266M5
 CVE-2020-26121 (An issue was discovered in the FileImporter extension for MediaWiki be ...)
 	NOT-FOR-US: FileImporter MediaWiki extension
 CVE-2020-26120 (XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 ...)
@@ -12947,7 +12947,7 @@ CVE-2020-25451
 CVE-2020-25450
 	RESERVED
 CVE-2020-25449 (Cross Site Scripting (XSS) vulnerability in Arachnys Cabot 0.11.12 can ...)
-	TODO: check
+	NOT-FOR-US: Arachnys Cabot
 CVE-2020-25448
 	RESERVED
 CVE-2020-25447
@@ -51765,7 +51765,7 @@ CVE-2020-9249 (HUAWEI P30 smartphones with versions earlier than 10.1.0.160(C00E
 CVE-2020-9248 (Huawei FusionComput 8.0.0 have an improper authorization vulnerability ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9247 (There is a buffer overflow vulnerability in several Huawei products. T ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9246 (FusionCompute 8.0.0 has an information leak vulnerability. A module do ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9245 (HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUA ...)
@@ -60436,11 +60436,11 @@ CVE-2020-5802
 CVE-2020-5801
 	RESERVED
 CVE-2020-5800 (The Eat Spray Love mobile app for both iOS and Android contains logic  ...)
-	TODO: check
+	NOT-FOR-US: Eat Spray Love mobile app
 CVE-2020-5799 (The Eat Spray Love mobile app for both iOS and Android contains a back ...)
-	TODO: check
+	NOT-FOR-US: Eat Spray Love mobile app
 CVE-2020-5798 (inSync Client installer for macOS versions v6.8.0 and prior could allo ...)
-	TODO: check
+	NOT-FOR-US: inSync Client installer for macOS
 CVE-2020-5797 (UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180 ...)
 	NOT-FOR-US: TP-Link
 CVE-2020-5796 (Improper preservation of permissions in Nagios XI 5.7.4 allows a local ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8afbcb263450547c03358643c7983b83125475e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8afbcb263450547c03358643c7983b83125475e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201207/1e20a39a/attachment.html>

More information about the debian-security-tracker-commits mailing list