[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Jul 8 22:45:32 BST 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
14cfba56 by Moritz Muehlenhoff at 2020-07-08T23:44:00+02:00
NFUs
doom commit refs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1460,6 +1460,8 @@ CVE-2020-14983 (The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't
 	[stretch] - chocolate-doom <no-dsa> (Minor issue)
 	[jessie] - chocolate-doom <end-of-life> (games are not supported)
 	NOTE: https://github.com/chocolate-doom/chocolate-doom/issues/1293
+	NOTE: https://github.com/chocolate-doom/chocolate-doom/commit/8b6cfbfc6c934923b3c2c16e5e7e5a74d5d238e1
+	NOTE: https://github.com/fabiangreffrath/crispy-doom/commit/8b6cfbfc6c934923b3c2c16e5e7e5a74d5d238e1
 CVE-2020-14982
 	RESERVED
 CVE-2020-14981 (The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS ha ...)
@@ -22552,7 +22554,7 @@ CVE-2020-7012 (Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a proto
 CVE-2020-7011 (Elastic App Search versions before 7.7.0 contain a cross site scriptin ...)
 	- elasticsearch <removed>
 CVE-2020-7010 (Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate pas ...)
-	TODO: check
+	NOT-FOR-US: Elastic Cloud
 CVE-2020-7009 (Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2  ...)
 	- elasticsearch <removed>
 CVE-2020-7008 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may al ...)
@@ -23221,7 +23223,7 @@ CVE-2020-6754 (dotCMS before 5.2.4 is vulnerable to directory traversal, leading
 CVE-2020-6753 (The Login by Auth0 plugin before 4.0.0 for WordPress allows stored XSS ...)
 	NOT-FOR-US: Login by Auth0 plugin for WordPress
 CVE-2020-6752 (In OMERO before 5.6.1, group owners can access members' data in other  ...)
-	TODO: check
+	NOT-FOR-US: OMERO
 CVE-2020-6751
 	RESERVED
 CVE-2019-20376 (A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG ...)
@@ -74739,13 +74741,13 @@ CVE-2019-8254 (Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.
 CVE-2019-8253 (Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 hav ...)
 	NOT-FOR-US: Adobe
 CVE-2019-8252 (Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-8251 (Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-8250 (Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-8249 (Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-8248 (Adobe Illustrator CC versions 23.1 and earlier have a memory corruptio ...)
 	NOT-FOR-US: Adobe
 CVE-2019-8247 (Adobe Illustrator CC versions 23.1 and earlier have a memory corruptio ...)
@@ -75111,7 +75113,7 @@ CVE-2019-8068
 CVE-2019-8067
 	RESERVED
 CVE-2019-8066 (Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2019-8065
 	RESERVED
 CVE-2019-8064 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
@@ -84278,9 +84280,9 @@ CVE-2019-4326
 CVE-2019-4325
 	RESERVED
 CVE-2019-4324 ("HCL AppScan Enterprise is susceptible to Cross-Site Scripting while i ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2019-4323 ("HCL AppScan Enterprise advisory API documentation is susceptible to c ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2019-4322 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
 	NOT-FOR-US: IBM
 CVE-2019-4321 (IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Ope ...)
@@ -132798,7 +132800,7 @@ CVE-2018-6448
 CVE-2018-6447
 	RESERVED
 CVE-2018-6446 (A vulnerability in Brocade Network Advisor Version Before 14.3.1 could ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2018-6445 (A Vulnerability in Brocade Network Advisor versions before 14.0.3 coul ...)
 	NOT-FOR-US: Brocade
 CVE-2018-6444 (A Vulnerability in Brocade Network Advisor versions before 14.1.0 coul ...)
@@ -198490,7 +198492,7 @@ CVE-2017-1714 (IBM Notes and Domino NSD 8.5 and 9.0 could allow an authenticated
 CVE-2017-1713 (IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic a ...)
 	NOT-FOR-US: IBM
 CVE-2017-1712 ("A vulnerability in the TLS protocol implementation of the Domino serv ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1711 (IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicio ...)
 	NOT-FOR-US: IBM iNotes
 CVE-2017-1710 (A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (20 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14cfba56a3d0669c372e2e36364b21ca8a5223b8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14cfba56a3d0669c372e2e36364b21ca8a5223b8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200708/0fcd2a48/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list