[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Jul 15 21:19:30 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fa6282c8 by Salvatore Bonaccorso at 2020-07-15T22:18:53+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -121,11 +121,11 @@ CVE-2020-15720 (In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class
 CVE-2020-15719 (libldap in certain third-party OpenLDAP packages has a certificate-val ...)
 	TODO: check
 CVE-2020-15718 (RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation o ...)
-	TODO: check
+	NOT-FOR-US: RosarioSIS
 CVE-2020-15717 (RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation o ...)
-	TODO: check
+	NOT-FOR-US: RosarioSIS
 CVE-2020-15716 (RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation o ...)
-	TODO: check
+	NOT-FOR-US: RosarioSIS
 CVE-2020-15715
 	RESERVED
 CVE-2020-15714
@@ -157,17 +157,17 @@ CVE-2020-15702
 CVE-2020-15701
 	RESERVED
 CVE-2020-15700 (An issue was discovered in Joomla! through 3.9.19. A missing token che ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-15699 (An issue was discovered in Joomla! through 3.9.19. Missing validation  ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-15698 (An issue was discovered in Joomla! through 3.9.19. Inadequate filterin ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-15697 (An issue was discovered in Joomla! through 3.9.19. Internal read-only  ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-15696 (An issue was discovered in Joomla! through 3.9.19. Lack of input filte ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-15695 (An issue was discovered in Joomla! through 3.9.19. A missing token che ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-15694
 	RESERVED
 CVE-2020-15693
@@ -2323,23 +2323,23 @@ CVE-2020-14726
 CVE-2020-14725
 	RESERVED
 CVE-2020-14724 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14723 (Vulnerability in the Oracle Help Technologies product of Oracle Fusion ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14722 (Vulnerability in the Oracle Enterprise Communications Broker product o ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14721 (Vulnerability in the Oracle Enterprise Communications Broker product o ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14720 (Vulnerability in the Oracle Internet Expenses product of Oracle E-Busi ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14719 (Vulnerability in the Oracle Internet Expenses product of Oracle E-Busi ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14718 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14717 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14716 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14715 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
 CVE-2020-14714 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
@@ -2351,17 +2351,17 @@ CVE-2020-14712 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 CVE-2020-14711 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <not-affected> (MacOS-specific)
 CVE-2020-14710 (Vulnerability in the Customer Management and Segmentation Foundation p ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14709 (Vulnerability in the Customer Management and Segmentation Foundation p ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14708 (Vulnerability in the Customer Management and Segmentation Foundation p ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14707 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
 CVE-2020-14706 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
 	TODO: check
 CVE-2020-14705 (Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (c ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14704 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
 CVE-2020-14703 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
@@ -2369,7 +2369,7 @@ CVE-2020-14703 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 CVE-2020-14702 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
 CVE-2020-14701 (Vulnerability in the Oracle SD-WAN Aware product of Oracle Communicati ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14700 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
 CVE-2020-14699 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
@@ -2379,41 +2379,41 @@ CVE-2020-14698 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 CVE-2020-14697 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
 CVE-2020-14696 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14695 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
 CVE-2020-14694 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
 CVE-2020-14693 (Vulnerability in the Oracle Insurance Accounting Analyzer product of O ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14692 (Vulnerability in the Oracle Financial Services Loan Loss Forecasting a ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14691 (Vulnerability in the Oracle Financial Services Liquidity Risk Manageme ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14690 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14689
 	RESERVED
 CVE-2020-14688 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14687 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14686 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14685 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14684 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14683
 	RESERVED
 CVE-2020-14682 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14681 (Vulnerability in the Oracle E-Business Intelligence product of Oracle  ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14680 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
 CVE-2020-14679 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14678 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
 CVE-2020-14677 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
@@ -2429,26 +2429,26 @@ CVE-2020-14673 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 CVE-2020-14672
 	RESERVED
 CVE-2020-14671 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14670 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14669 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14668 (Vulnerability in the Oracle E-Business Intelligence product of Oracle  ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14667 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14666 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14665 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14664 (Vulnerability in the Java SE product of Oracle Java SE (component: Jav ...)
 	- openjfx 11+26-1
 	NOTE: Oracle CPU lists only 8.x as affected, so marking the first 11.x upload as fixed
 CVE-2020-14663 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
 CVE-2020-14662 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14661 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
 	TODO: check
 CVE-2020-14660 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa6282c83eab2526de769ab065e1ba811a4193c5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa6282c83eab2526de769ab065e1ba811a4193c5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200715/d72dc493/attachment.html>


More information about the debian-security-tracker-commits mailing list