[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Dec 18 20:41:13 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2e644a6f by Salvatore Bonaccorso at 2020-12-18T21:40:46+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12716,9 +12716,9 @@ CVE-2020-27642 (A cross-site scripting (XSS) vulnerability exists in the 'merge
 CVE-2020-27641
 	REJECTED
 CVE-2020-27640 (The Bluetooth handset of Mitel MiVoice 6940 and 6930 MiNet phones with ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-27639 (The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP phone ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-27637
 	RESERVED
 CVE-2020-27636
@@ -13379,7 +13379,7 @@ CVE-2020-27342
 CVE-2020-27341
 	RESERVED
 CVE-2020-27340 (The online help portal of Mitel MiCollab before 9.2 could allow an att ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-27339
 	RESERVED
 CVE-2020-27338
@@ -13772,7 +13772,7 @@ CVE-2020-27156 (Veritas APTARE versions prior to 10.5 did not perform adequate a
 CVE-2020-27155 (An issue was discovered in Octopus Deploy through 2020.4.4. If enabled ...)
 	NOT-FOR-US: Octopus Deploy
 CVE-2020-27154 (The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client for Win ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-27152 (An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioap ...)
 	- linux 5.9.6-1
 	[buster] - linux <not-affected> (Vulnerable code not present)
@@ -15980,21 +15980,21 @@ CVE-2020-26180
 CVE-2020-26179
 	RESERVED
 CVE-2020-26178 (In tangro Business Workflow before 1.18.1, knowing an attachment ID, i ...)
-	TODO: check
+	NOT-FOR-US: tangro Business Workflow
 CVE-2020-26177 (In tangro Business Workflow before 1.18.1, a user's profile contains s ...)
-	TODO: check
+	NOT-FOR-US: tangro Business Workflow
 CVE-2020-26176 (An issue was discovered in tangro Business Workflow before 1.18.1. No  ...)
-	TODO: check
+	NOT-FOR-US: tangro Business Workflow
 CVE-2020-26175 (In tangro Business Workflow before 1.18.1, an attacker can manipulate  ...)
-	TODO: check
+	NOT-FOR-US: tangro Business Workflow
 CVE-2020-26174 (tangro Business Workflow before 1.18.1 requests a list of allowed file ...)
-	TODO: check
+	NOT-FOR-US: tangro Business Workflow
 CVE-2020-26173 (An incorrect access control implementation in Tangro Business Workflow ...)
-	TODO: check
+	NOT-FOR-US: tangro Business Workflow
 CVE-2020-26172 (Every login in tangro Business Workflow before 1.18.1 generates the sa ...)
-	TODO: check
+	NOT-FOR-US: tangro Business Workflow
 CVE-2020-26171 (In tangro Business Workflow before 1.18.1, the documentId of attachmen ...)
-	TODO: check
+	NOT-FOR-US: tangro Business Workflow
 CVE-2020-26170
 	RESERVED
 CVE-2020-26169
@@ -17480,19 +17480,19 @@ CVE-2020-25613 (An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6
 	NOTE: https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/
 	NOTE: Fix in webrick: https://github.com/ruby/webrick/commit/8946bb38b4d87549f0d99ed73c62c41933f97cc7
 CVE-2020-25612 (The NuPoint Messenger of Mitel MiCollab before 9.2 could allow an atta ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-25611 (The AWV portal of Mitel MiCollab before 9.2 could allow an attacker to ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-25610 (The AWV component of Mitel MiCollab before 9.2 could allow an attacker ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-25609 (The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow  ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-25608 (The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-25607
 	RESERVED
 CVE-2020-25606 (The AWV component of Mitel MiCollab before 9.2 could allow an attacker ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-25605
 	RESERVED
 CVE-2020-25604 (An issue was discovered in Xen through 4.14.x. There is a race conditi ...)
@@ -19503,7 +19503,7 @@ CVE-2020-24695
 CVE-2020-24694
 	RESERVED
 CVE-2020-24693 (The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 co ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-24692 (The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 co ...)
 	NOT-FOR-US: Mitel
 CVE-2020-24691



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e644a6f2caedd0f0f167c5e3c7cfcaa87c5c6d0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e644a6f2caedd0f0f167c5e3c7cfcaa87c5c6d0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201218/2519dd36/attachment.html>

More information about the debian-security-tracker-commits mailing list