[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b4d4330 by Salvatore Bonaccorso at 2020-06-18T09:39:11+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2785,7 +2785,7 @@ CVE-2020-13225 (phpIPAM 1.4 contains a stored cross site scripting (XSS) vulnera
 	- phpipam <itp> (bug #731713)
 	NOTE: https://github.com/phpipam/phpipam/issues/3025
 CVE-2020-13224 (TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices throu ...)
-	TODO: check
+	NOT-FOR-US: TP-LINK
 CVE-2020-13223 (HashiCorp Vault and Vault Enterprise before 1.3.6, and 1.4.2 before 1. ...)
 	NOT-FOR-US: HashiCorp Vault
 CVE-2020-13222
@@ -6541,43 +6541,43 @@ CVE-2020-11915
 CVE-2019-20786 (handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a chec ...)
 	NOT-FOR-US: Pion DTLS
 CVE-2020-11914 (The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read. ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11913 (The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11912 (The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read. ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11911 (The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Cont ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11910 (The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Rea ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11909 (The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow. ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11908 (The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in  ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11907 (The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Par ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11906 (The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Inte ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11905 (The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11904 (The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during  ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11903 (The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read. ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11902 (The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling O ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11901 (The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution vi ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11900 (The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Fr ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11899 (The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11898 (The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMP ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11897 (The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via  ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11896 (The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, r ...)
-	TODO: check
+	NOT-FOR-US: Treck TCP/IP stack / Cisco
 CVE-2020-11895 (Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) i ...)
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/197



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b4d4330bc90041991a99a0d372c84fa632339c8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b4d4330bc90041991a99a0d372c84fa632339c8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200618/84e23fb3/attachment.html>