[Git][security-tracker-team/security-tracker][master] NFU

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
134a059b by Moritz Muehlenhoff at 2020-07-02T09:27:46+02:00
NFU
hylafax Dupe

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -216,7 +216,7 @@ CVE-2020-15395 (In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-b
 CVE-2020-15394
 	RESERVED
 CVE-2019-20893 (An issue was discovered in Activision Infinity Ward Call of Duty Moder ...)
-	TODO: check
+	NOT-FOR-US: Activision
 CVE-2017-18922 (It was discovered that websockets.c in LibVNCServer prior to 0.9.12 di ...)
 	- libvncserver 0.9.12+dfsg-3
 	NOTE: https://github.com/LibVNC/libvncserver/commit/aac95a9dcf4bbba87b76c72706c3221a842ca433
@@ -6219,15 +6219,15 @@ CVE-2020-12888 (The VFIO PCI driver in the Linux kernel through 5.6.13 mishandle
 	- linux <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1836244
 CVE-2020-12887 (Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 ...)
-	TODO: check
+	NOT-FOR-US: Mbed CoAP (diffrent from src:mbedtls)
 CVE-2020-12886 (A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5 ...)
-	TODO: check
+	NOT-FOR-US: Mbed CoAP (diffrent from src:mbedtls)
 CVE-2020-12885 (An infinite loop was discovered in the CoAP library in Arm Mbed OS 5.1 ...)
-	TODO: check
+	NOT-FOR-US: Mbed CoAP (diffrent from src:mbedtls)
 CVE-2020-12884 (A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5 ...)
-	TODO: check
+	NOT-FOR-US: Mbed CoAP (diffrent from src:mbedtls)
 CVE-2020-12883 (Buffer over-reads were discovered in the CoAP library in Arm Mbed OS 5 ...)
-	TODO: check
+	NOT-FOR-US: Mbed CoAP (diffrent from src:mbedtls)
 CVE-2020-12882 (Submitty through 20.04.01 allows XSS via upload of an SVG document, as ...)
 	NOT-FOR-US: Submitty
 CVE-2020-12881
@@ -19257,7 +19257,7 @@ CVE-2020-8182
 CVE-2020-8181
 	RESERVED
 CVE-2020-8180 (A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a cod ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Talk
 CVE-2020-8179
 	RESERVED
 CVE-2020-8178
@@ -19683,7 +19683,7 @@ CVE-2020-8026
 CVE-2020-8025
 	RESERVED
 CVE-2020-8024 (A Incorrect Default Permissions vulnerability in the packaging of hyla ...)
-	TODO: check
+	NOTE: Duplicate of CVE-2020-15397 / CVE-2020-15396, gonna ping SuSE for rejects
 CVE-2020-8023
 	RESERVED
 CVE-2020-8022 (A Incorrect Default Permissions vulnerability in the packaging of tomc ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/134a059bb254ba304f2c0645bd03c5bddf475cfa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/134a059bb254ba304f2c0645bd03c5bddf475cfa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200702/b326f16b/attachment.html>