[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Jun 2 08:49:37 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
126ca322 by Salvatore Bonaccorso at 2020-06-02T09:49:20+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2020-13758 (modules/security/classes/general.post_filter.php/post_filter.php in th ...)
-	TODO: check
+	NOT-FOR-US: Bitrix24
 CVE-2020-13757 (Python-RSA 4.0 ignores leading '\0' bytes during decryption of ciphert ...)
 	- python-rsa <unfixed>
 	NOTE: https://github.com/sybrenstuvel/python-rsa/issues/146
@@ -130,9 +130,9 @@ CVE-2020-13697
 CVE-2020-13696
 	RESERVED
 CVE-2020-13695 (In QuickBox Community Edition through 2.5.5 and Pro Edition through 2. ...)
-	TODO: check
+	NOT-FOR-US: QuickBox
 CVE-2020-13694 (In QuickBox Community Edition through 2.5.5 and Pro Edition through 2. ...)
-	TODO: check
+	NOT-FOR-US: QuickBox
 CVE-2020-13693 (An unauthenticated privilege-escalation issue exists in the bbPress pl ...)
 	NOT-FOR-US: bbPress plugin for WordPress
 CVE-2020-13692
@@ -656,7 +656,7 @@ CVE-2020-13450
 CVE-2020-13449
 	RESERVED
 CVE-2020-13448 (QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8 ...)
-	TODO: check
+	NOT-FOR-US: QuickBox
 CVE-2020-13447
 	RESERVED
 CVE-2020-13446
@@ -12072,7 +12072,7 @@ CVE-2020-9293
 CVE-2020-9292
 	RESERVED
 CVE-2020-9291 (An Insecure Temporary File vulnerability in FortiClient for Windows 6. ...)
-	TODO: check
+	NOT-FOR-US: Fortiguard / FortiClient for Windows
 CVE-2020-9290 (An Unsafe Search Path vulnerability in FortiClient for Windows online  ...)
 	NOT-FOR-US: Fortiguard
 CVE-2020-9289
@@ -12560,7 +12560,7 @@ CVE-2020-9073 (Huawei P20 smartphones with versions earlier than 10.0.0.156(C00E
 CVE-2020-9072 (Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a  ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9071 (There is a few bytes out-of-bounds read vulnerability in some Huawei p ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9070 (Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205( ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9069 (There is an information leakage vulnerability in some Huawei products. ...)
@@ -17717,7 +17717,7 @@ CVE-2020-6870
 CVE-2020-6869
 	RESERVED
 CVE-2020-6868 (ZTE's PON terminal product is impacted by the access control vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2020-6867 (ZTE's SDON controller is impacted by the resource management error vul ...)
 	NOT-FOR-US: ZTE
 CVE-2020-6866 (A ZTE product is impacted by a resource management error vulnerability ...)
@@ -45233,7 +45233,7 @@ CVE-2019-15711 (A privilege escalation vulnerability in FortiClient for Linux 6.
 CVE-2019-15710 (An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, ...)
 	NOT-FOR-US: FortiExtender
 CVE-2019-15709 (An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and ...)
-	TODO: check
+	NOT-FOR-US: Fortiguard
 CVE-2019-15708 (A system command injection vulnerability in the FortiAP-S/W2 6.2.1, 6. ...)
 	NOT-FOR-US: Fortiguard
 CVE-2019-15707 (An improper access control vulnerability in FortiMail admin webUI 6.2. ...)
@@ -260155,11 +260155,11 @@ CVE-2014-7177 (XML External Entity vulnerability in Enalean Tuleap 7.2 and earli
 CVE-2014-7176 (SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows r ...)
 	NOT-FOR-US: Enalean Tuleap
 CVE-2014-7175 (FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbit ...)
-	TODO: check
+	NOT-FOR-US: FarLinX X25 Gateway
 CVE-2014-7174 (FarLinX X25 Gateway through 2014-09-25 allows directory traversal via  ...)
-	TODO: check
+	NOT-FOR-US: FarLinX X25 Gateway
 CVE-2014-7173 (FarLinX X25 Gateway through 2014-09-25 allows command injection via sh ...)
-	TODO: check
+	NOT-FOR-US: FarLinX X25 Gateway
 CVE-2014-7172
 	RESERVED
 CVE-2014-7171



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/126ca322a7f549e49e1d06b41d6238f1b76e659f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/126ca322a7f549e49e1d06b41d6238f1b76e659f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200602/3145429b/attachment.html>


More information about the debian-security-tracker-commits mailing list