[Git][security-tracker-team/security-tracker][master] 4 commits: Process NFUs

Wed Feb 12 10:34:57 GMT 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
625b8e5c by Salvatore Bonaccorso at 2020-02-12T11:34:41+01:00
Process NFUs

- - - - -
b54ddfd8 by Salvatore Bonaccorso at 2020-02-12T11:34:42+01:00
Add CVE-2020-1726/podman

- - - - -
d0e3315f by Salvatore Bonaccorso at 2020-02-12T11:34:43+01:00
Reference itp for three podman related CVEs

- - - - -
3798d1e1 by Salvatore Bonaccorso at 2020-02-12T11:34:44+01:00
Add CVE-2020-1692/moodle

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -621,6 +621,7 @@ CVE-2020-8596 (participants-database.php in the Participants Database plugin 1.9
 	NOT-FOR-US: Participants Database plugin for WordPress
 CVE-2020-8595
 	RESERVED
+	NOT-FOR-US: itsio
 CVE-2020-8594
 	RESERVED
 CVE-2020-8593
@@ -12212,6 +12213,7 @@ CVE-2020-3758 (Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3
 	NOT-FOR-US: Magento
 CVE-2020-3757
 	RESERVED
+	NOT-FOR-US: Adobe
 CVE-2020-3756
 	RESERVED
 CVE-2020-3755
@@ -17704,6 +17706,7 @@ CVE-2020-1727
 	RESERVED
 CVE-2020-1726
 	RESERVED
+	- podman <itp> (bug #930440)
 CVE-2020-1725
 	RESERVED
 CVE-2020-1724
@@ -17810,8 +17813,10 @@ CVE-2020-1694
 	RESERVED
 CVE-2020-1693
 	RESERVED
+	NOT-FOR-US: NOT-FOR-US: Red Hat Satellite / Spacewalk
 CVE-2020-1692
 	RESERVED
+	- moodle <removed>
 CVE-2020-1691
 	RESERVED
 CVE-2020-1690
@@ -22530,7 +22535,7 @@ CVE-2019-18468
 CVE-2019-18467
 	REJECTED
 CVE-2019-18466 (An issue was discovered in Podman in libpod before 1.6.0. It resolves  ...)
-	NOT-FOR-US: libpod (podman library used to create container pods)
+	- podman <itp> (bug #930440)
 CVE-2019-18601 (OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of ser ...)
 	{DLA-1982-1}
 	- openafs 1.8.5-1 (low; bug #943587)
@@ -48571,7 +48576,7 @@ CVE-2019-10153 (A flaw was discovered in fence-agents, prior to version 4.3.4, w
 	NOTE: https://github.com/ClusterLabs/fence-agents/pull/255
 	NOTE: https://github.com/ClusterLabs/fence-agents/pull/272
 CVE-2019-10152 (A path traversal vulnerability has been discovered in podman before ve ...)
-	NOT-FOR-US: Podman
+	- podman <itp> (bug #930440)
 CVE-2019-10151
 	RESERVED
 CVE-2019-10150 (It was found that OpenShift Container Platform versions 3.6.x - 4.6.0  ...)
@@ -100647,7 +100652,7 @@ CVE-2018-10857 (git-annex is vulnerable to a private data exposure and exfiltrat
 	NOTE: http://www.openwall.com/lists/oss-security/2018/06/26/4
 	NOTE: https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/
 CVE-2018-10856 (It has been discovered that podman before version 0.6.1 does not drop  ...)
-	NOT-FOR-US: Podman
+	- podman <itp> (bug #930440)
 CVE-2018-10855 (Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the n ...)
 	{DSA-4396-1}
 	- ansible 2.5.5+dfsg-1 (low)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/206d1fa972208c613cdb04496656eb5dc0ff3851...3798d1e157a93e4b5079a90da42214e0bb623669

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/206d1fa972208c613cdb04496656eb5dc0ff3851...3798d1e157a93e4b5079a90da42214e0bb623669
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200212/1d33ae15/attachment.html>
