[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Jul 7 21:23:14 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3266758d by Salvatore Bonaccorso at 2020-07-07T22:22:26+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,29 +21,29 @@ CVE-2020-15586
 CVE-2020-15585
 	RESERVED
 CVE-2020-15584 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
-	TODO: check
+	NOT-FOR-US: Samsung mobile devices
 CVE-2020-15583 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
-	TODO: check
+	NOT-FOR-US: Samsung mobile devices
 CVE-2020-15582 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
-	TODO: check
+	NOT-FOR-US: Samsung mobile devices
 CVE-2020-15581 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
-	TODO: check
+	NOT-FOR-US: Samsung mobile devices
 CVE-2020-15580 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
-	TODO: check
+	NOT-FOR-US: Samsung mobile devices
 CVE-2020-15579 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
-	TODO: check
+	NOT-FOR-US: Samsung mobile devices
 CVE-2020-15578 (An issue was discovered on Samsung mobile devices with O(8.x) software ...)
-	TODO: check
+	NOT-FOR-US: Samsung mobile devices
 CVE-2020-15577 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
-	TODO: check
+	NOT-FOR-US: Samsung mobile devices
 CVE-2020-15576 (SolarWinds Serv-U File Server before 15.2.1 allows information disclos ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds Serv-U File Server
 CVE-2020-15575 (SolarWinds Serv-U File Server before 15.2.1 allows XSS as demonstrated ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds Serv-U File Server
 CVE-2020-15574 (SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site c ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds Serv-U File Server
 CVE-2020-15573 (SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script vulner ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds Serv-U File Server
 CVE-2019-20896 (WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponen ...)
 	TODO: check
 CVE-2020-15572
@@ -191,15 +191,15 @@ CVE-2020-15511
 CVE-2020-15510
 	RESERVED
 CVE-2020-15509 (Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library ...)
-	TODO: check
+	NOT-FOR-US: Nordic Semiconductor
 CVE-2020-15508
 	RESERVED
 CVE-2020-15507 (MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, ...)
-	TODO: check
+	NOT-FOR-US: MobileIron Core and Connector
 CVE-2020-15506 (MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, ...)
-	TODO: check
+	NOT-FOR-US: MobileIron Core and Connector
 CVE-2020-15505 (MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, ...)
-	TODO: check
+	NOT-FOR-US: MobileIron Core and Connector
 CVE-2020-15504
 	RESERVED
 CVE-2020-15503 (LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affect ...)
@@ -469,7 +469,7 @@ CVE-2020-15393 (In the Linux kernel through 5.7.6, usbtest_disconnect in drivers
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/28ebeb8db77035e058a510ce9bd17c2b9a009dba
 CVE-2020-15392 (A user enumeration vulnerability flaw was found in Venki Supravizio BP ...)
-	TODO: check
+	NOT-FOR-US: Venki
 CVE-2020-15391
 	RESERVED
 CVE-2020-15390
@@ -521,7 +521,7 @@ CVE-2020-15369
 CVE-2020-15368 (AsrDrv103.sys in the ASRock RGB Driver does not properly restrict acce ...)
 	NOT-FOR-US: ASRock RGB Driver
 CVE-2020-15367 (Venki Supravizio BPM 10.1.2 does not limit the number of authenticatio ...)
-	TODO: check
+	NOT-FOR-US: Venki
 CVE-2020-15366
 	RESERVED
 CVE-2020-15365 (LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in ...)
@@ -565,7 +565,7 @@ CVE-2020-15352
 CVE-2020-15351 (IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES ...)
 	NOT-FOR-US: IDrive
 CVE-2020-15350 (RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding ...)
-	TODO: check
+	NOT-FOR-US: RIOT RIOT-OS
 CVE-2020-15349
 	RESERVED
 CVE-2020-15348 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManag ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3266758d0290f799837279d3fef7d424e96b3495

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3266758d0290f799837279d3fef7d424e96b3495
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200707/60c4a578/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list