[Git][security-tracker-team/security-tracker][master] Process some more NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5130b5af by Salvatore Bonaccorso at 2020-12-17T09:25:45+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -72,7 +72,7 @@ CVE-2020-35455
 CVE-2020-35454
 	RESERVED
 CVE-2020-35453 (HashiCorp Vault Enterprise’s Sentinel EGP policy feature incorre ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Vault
 CVE-2020-35452
 	RESERVED
 CVE-2020-35451
@@ -585,33 +585,33 @@ CVE-2020-35199 (Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchat
 CVE-2020-35198
 	RESERVED
 CVE-2020-35197 (The official memcached docker images before 1.5.11-alpine (Alpine spec ...)
-	TODO: check
+	NOT-FOR-US: memcached docker images before 1.5.11-alpine (Alpine specific)
 CVE-2020-35196 (The official rabbitmq docker images before 3.7.13-beta.1-management-al ...)
-	TODO: check
+	NOT-FOR-US: rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific)
 CVE-2020-35195 (The official haproxy docker images before 1.8.18-alpine (Alpine specif ...)
-	TODO: check
+	NOT-FOR-US: haproxy docker images before 1.8.18-alpine (Alpine specific)
 CVE-2020-35194 (The official influxdb docker images before 1.7.3-meta-alpine (Alpine s ...)
-	TODO: check
+	NOT-FOR-US: influxdb docker images before 1.7.3-meta-alpine (Alpine specific)
 CVE-2020-35193 (The official sonarqube docker images before alpine (Alpine specific) c ...)
 	NOT-FOR-US: sonarqube docker images before alpine (Alpine specific)
 CVE-2020-35192 (The official vault docker images before 0.11.6 contain a blank passwor ...)
-	TODO: check
+	NOT-FOR-US: vault docker images
 CVE-2020-35191 (The official drupal docker images before 8.5.10-fpm-alpine (Alpine spe ...)
-	TODO: check
+	NOT-FOR-US: drupal docker images
 CVE-2020-35190 (The official plone Docker images before version of 4.3.18-alpine (Alpi ...)
-	TODO: check
+	NOT-FOR-US: plone Docker images
 CVE-2020-35189 (The official kong docker images before 1.0.2-alpine (Alpine specific)  ...)
-	TODO: check
+	NOT-FOR-US:  kong docker images before 1.0.2-alpine (Alpine specific)
 CVE-2020-35188 (The official chronograf docker images before 1.7.7-alpine (Alpine spec ...)
-	TODO: check
+	NOT-FOR-US: chronograf docker images before 1.7.7-alpine (Alpine specific)
 CVE-2020-35187 (The official telegraf docker images before 1.9.4-alpine (Alpine specif ...)
-	TODO: check
+	NOT-FOR-US: telegraf docker images before 1.9.4-alpine (Alpine specific)
 CVE-2020-35186 (The official adminer docker images before 4.7.0-fastcgi contain a blan ...)
-	TODO: check
+	NOT-FOR-US: adminer docker images
 CVE-2020-35185 (The official ghost docker images before 2.16.1-alpine (Alpine specific ...)
-	TODO: check
+	NOT-FOR-US: ghost docker images (Alpine specific)
 CVE-2020-35184 (The official composer docker images before 1.8.3 contain a blank passw ...)
-	TODO: check
+	NOT-FOR-US: composer docker images
 CVE-2020-35183
 	RESERVED
 CVE-2020-35182
@@ -625,7 +625,7 @@ CVE-2020-35179
 CVE-2020-35178
 	RESERVED
 CVE-2020-35177 (HashiCorp Vault and Vault Enterprise allowed the enumeration of users  ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Vault
 CVE-2020-35176 (In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial a ...)
 	- awstats <unfixed> (bug #977190)
 	NOTE: https://github.com/eldy/awstats/issues/195



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5130b5afbea9c609141bcc971f3691abf7e2a65c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5130b5afbea9c609141bcc971f3691abf7e2a65c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201217/6f46784f/attachment-0001.html>