[Git][security-tracker-team/security-tracker][master] Process NFUs

Mon Jun 8 21:17:06 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c0f29bb7 by Salvatore Bonaccorso at 2020-06-08T22:16:17+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -151,9 +151,9 @@ CVE-2020-13895 (Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module
 CVE-2020-13886
 	RESERVED
 CVE-2020-13885 (Citrix Workspace App before 2006.1 on Windows has Insecure Permissions ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-13884 (Citrix Workspace App before 2006.1 on Windows has Insecure Permissions ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-13883 (In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, an ...)
 	NOT-FOR-US: WSO2 API Manager
 CVE-2020-13882
@@ -196,7 +196,7 @@ CVE-2020-13867 (Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for
 	- targetcli-fb <unfixed> (bug #962331)
 	NOTE: https://github.com/open-iscsi/targetcli-fb/pull/172
 CVE-2020-13866 (WinGate v9.4.1.5998 has insecure permissions for the installation dire ...)
-	TODO: check
+	NOT-FOR-US: WinGate
 CVE-2020-13865 (The Elementor Page Builder plugin before 2.9.9 for WordPress suffers f ...)
 	NOT-FOR-US: Elementor Page Builder plugin for WordPress
 CVE-2020-13864 (The Elementor Page Builder plugin before 2.9.9 for WordPress suffers f ...)
@@ -2687,7 +2687,7 @@ CVE-2020-12801 (If LibreOffice has an encrypted document open and crashes, that
 	[jessie] - libreoffice <no-dsa> (Minor issue)
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801
 CVE-2020-12800 (The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1. ...)
-	TODO: check
+	NOT-FOR-US: drag-and-drop-multiple-file-upload-contact-form-7 plugin for WordPress
 CVE-2020-12799
 	RESERVED
 CVE-2020-12798 (Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system pol ...)
@@ -2739,7 +2739,7 @@ CVE-2020-12775
 CVE-2020-12774
 	RESERVED
 CVE-2020-12773 (A security misconfiguration vulnerability exists in the SDK of some Re ...)
-	TODO: check
+	NOT-FOR-US: Realtek ADSL/PON Modem SoC firmware
 CVE-2020-12783 (Exim through 4.93 has an out-of-bounds read in the SPA authenticator t ...)
 	{DSA-4687-1 DLA-2213-1}
 	- exim4 4.93-16
@@ -24246,7 +24246,7 @@ CVE-2020-4531
 CVE-2020-4530
 	RESERVED
 CVE-2020-4529 (IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to server si ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4528
 	RESERVED
 CVE-2020-4527



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0f29bb748cd592e4b89c089e2421eefe9fe06ee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0f29bb748cd592e4b89c089e2421eefe9fe06ee
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200608/a4e749b4/attachment.html>
