[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Mar 4 17:54:23 GMT 2020



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
89b308a1 by Moritz Muehlenhoff at 2020-03-04T18:54:05+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10276,9 +10276,9 @@ CVE-2020-5406
 CVE-2020-5405
 	RESERVED
 CVE-2020-5404 (The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and  ...)
-	TODO: check
+	NOT-FOR-US: Reactor Netty, different from src:netty
 CVE-2020-5403 (Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a UR ...)
-	TODO: check
+	NOT-FOR-US: Reactor Netty, different from src:netty
 CVE-2020-5402 (In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability  ...)
 	NOT-FOR-US: Cloud Foundry
 CVE-2020-5401 (Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoR ...)
@@ -34096,7 +34096,7 @@ CVE-2019-15611 (Violation of Secure Design Principles in the iOS App 2.23.0 caus
 CVE-2019-15610 (Improper authorization in the Circles app 0.17.7 causes retaining acce ...)
 	NOT-FOR-US: Circles app
 CVE-2019-15609 (The kill-port-process package version < 2.2.0 is vulnerable to a Co ...)
-	TODO: check
+	NOT-FOR-US: Node kill-port-process
 CVE-2019-15608
 	RESERVED
 CVE-2019-15607 (A stored XSS vulnerability is present within node-red (version: <=  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89b308a1cc639ed4d570cad9107fa54b1f2e270f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89b308a1cc639ed4d570cad9107fa54b1f2e270f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200304/c1910a4c/attachment.html>


More information about the debian-security-tracker-commits mailing list