[Git][security-tracker-team/security-tracker][master] 2 commits: Remove note from CVE-2020-10647

Salvatore Bonaccorso carnil at debian.org
Thu Jun 11 09:21:58 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f94f0f2 by Salvatore Bonaccorso at 2020-06-11T10:19:45+02:00
Remove note from CVE-2020-10647

- - - - -
9c03947e by Salvatore Bonaccorso at 2020-06-11T10:21:22+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2020-14012 (scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledge
 CVE-2020-14011
 	RESERVED
 CVE-2020-14010 (The Laborator Xenon theme 1.3 for WordPress allows Reflected XSS via t ...)
-	TODO: check
+	NOT-FOR-US: Laborator Xenon theme for WordPress
 CVE-2020-14009
 	RESERVED
 CVE-2020-14008
@@ -254,7 +254,7 @@ CVE-2020-13894 (handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 a
 CVE-2020-13893
 	RESERVED
 CVE-2020-13892 (The SportsPress plugin before 2.7.2 for WordPress allows XSS. ...)
-	TODO: check
+	NOT-FOR-US: SportsPress plugin for WordPress
 CVE-2020-13891
 	RESERVED
 CVE-2020-13890 (The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an A ...)
@@ -9825,7 +9825,6 @@ CVE-2020-10648 (Das U-Boot through 2020.01 allows attackers to bypass verified b
 	NOTE: https://lists.denx.de/pipermail/u-boot/2020-March/403409.html
 CVE-2020-10647
 	REJECTED
-	NOT-FOR-US: VxWorks
 CVE-2020-10646 (Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a h ...)
 	NOT-FOR-US: Fuji Electric V-Server Lite
 CVE-2020-10645
@@ -20168,7 +20167,7 @@ CVE-2020-6281
 CVE-2020-6280
 	RESERVED
 CVE-2020-6279 (OData APIs and JobApplicationInterview and JobApplication export permi ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6278
 	RESERVED
 CVE-2020-6277
@@ -20176,7 +20175,7 @@ CVE-2020-6277
 CVE-2020-6276
 	RESERVED
 CVE-2020-6275 (SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6274
 	RESERVED
 CVE-2020-6273
@@ -20184,29 +20183,29 @@ CVE-2020-6273
 CVE-2020-6272
 	RESERVED
 CVE-2020-6271 (SAP Solution Manager (Problem Context Manager), version 7.2, does not  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6270 (SAP NetWeaver AS ABAP (Banking Services), versions - 710, 711, 740, 75 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6269 (Under certain conditions SAP Business Objects Business Intelligence Pl ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6268 (Statutory Reporting for Insurance Companies in SAP ERP (EA-FINSERV ver ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6267
 	RESERVED
 CVE-2020-6266 (SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an at ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6265 (SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6264 (SAP Commerce, versions - 6.7, 1808, 1811, 1905, may allow an attacker  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6263 (Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6262 (Service Data Download in SAP Application Server ABAP (ST-PI, before ve ...)
 	NOT-FOR-US: SAP
 CVE-2020-6261
 	RESERVED
 CVE-2020-6260 (SAP Solution Manager (Trace Analysis), version 7.20, allows an attacke ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6259 (Under certain conditions SAP Adaptive Server Enterprise, versions 15.7 ...)
 	NOT-FOR-US: SAP
 CVE-2020-6258 (SAP Identity Management, version 8.0, does not perform necessary autho ...)
@@ -20234,7 +20233,7 @@ CVE-2020-6248 (SAP Adaptive Server Enterprise (Backup Server), version 16.0, doe
 CVE-2020-6247 (SAP Business Objects Business Intelligence Platform, version 4.2, allo ...)
 	NOT-FOR-US: SAP
 CVE-2020-6246 (SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXT_T ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6245 (SAP Business Objects Business Intelligence Platform, version 4.2, allo ...)
 	NOT-FOR-US: SAP
 CVE-2020-6244 (SAP Business Client, version 7.0, allows an attacker after a successfu ...)
@@ -20248,7 +20247,7 @@ CVE-2020-6241 (SAP Adaptive Server Enterprise, version 16.0, allows an authentic
 CVE-2020-6240 (SAP NetWeaver AS ABAP (Web Dynpro ABAP), versions (SAP_UI 750, 752, 75 ...)
 	NOT-FOR-US: SAP
 CVE-2020-6239 (Under certain conditions SAP Business One (Backup service), versions 9 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6238 (SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process  ...)
 	NOT-FOR-US: SAP
 CVE-2020-6237 (Under certain conditions, SAP Business Objects Business Intelligence P ...)
@@ -24617,15 +24616,15 @@ CVE-2020-4438
 CVE-2020-4437
 	RESERVED
 CVE-2020-4436 (Certain IBM Aspera applications are vulnerable to buffer overflow afte ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4435 (Certain IBM Aspera applications are vulnerable to arbitrary memory cor ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4434 (Certain IBM Aspera applications are vulnerable to buffer overflow base ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4433 (Certain IBM Aspera applications are vulnerable to a stack-based buffer ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4432 (Certain IBM Aspera applications are vulnerable to command injection af ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4431 (IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting ...)
 	NOT-FOR-US: IBM
 CVE-2020-4430 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a rem ...)
@@ -79457,7 +79456,7 @@ CVE-2019-4578
 CVE-2019-4577
 	RESERVED
 CVE-2019-4576 (IBM QRadar Network Packet Capture 7.3.0 - 7.3.3 Patch 1 and 7.4.0 GA d ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4575
 	RESERVED
 CVE-2019-4574



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/07b88636f56a21a4e8f3c7e3ba54799dfd8ad52e...9c03947ec75555ceb3d2a4b348bff50951fbb84e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/07b88636f56a21a4e8f3c7e3ba54799dfd8ad52e...9c03947ec75555ceb3d2a4b348bff50951fbb84e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200611/69aaacfb/attachment.html>

More information about the debian-security-tracker-commits mailing list