[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Mar 11 17:57:56 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
65e5f85d by Salvatore Bonaccorso at 2020-03-11T18:57:29+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25,7 +25,7 @@ CVE-2020-10374
 CVE-2020-10373
 	RESERVED
 CVE-2020-10372 (Ramp AltitudeCDN Altimeter before 2.4.0 allows authenticated Stored XS ...)
-	TODO: check
+	NOT-FOR-US: Ramp AltitudeCDN Altimeter
 CVE-2020-10371
 	RESERVED
 CVE-2020-10370
@@ -2937,7 +2937,7 @@ CVE-2020-9046
 CVE-2020-9045
 	RESERVED
 CVE-2020-9044 (XXE vulnerability exists in the Metasys family of product Web Services ...)
-	TODO: check
+	NOT-FOR-US: Johnson Controls
 CVE-2020-9043 (The wpCentral plugin before 1.5.1 for WordPress allows disclosure of t ...)
 	NOT-FOR-US: wpCentral plugin for WordPress
 CVE-2020-9042
@@ -3093,7 +3093,7 @@ CVE-2019-20454 (An out-of-bounds read was discovered in PCRE before 10.34 when t
 	NOTE: Fixed by: https://vcs.pcre.org/pcre2?view=revision&revision=1092
 	NOTE: Tests: https://vcs.pcre.org/pcre2?view=revision&revision=1091
 CVE-2020-8994 (An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1. ...)
-	TODO: check
+	NOT-FOR-US: XIAOMI AI speaker MDZ-25-DT
 CVE-2020-8993
 	RESERVED
 CVE-2020-8992 (ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux k ...)
@@ -6307,7 +6307,7 @@ CVE-2020-7581
 CVE-2020-7580
 	RESERVED
 CVE-2020-7579 (A vulnerability has been identified in Spectrum Power™ 5 (All ve ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2020-7578
 	RESERVED
 CVE-2020-7577
@@ -11510,7 +11510,7 @@ CVE-2020-5258 (In affected versions of dojo (NPM package), the deepCopy method i
 CVE-2020-5257
 	RESERVED
 CVE-2020-5256 (BookStack before version 0.25.5 has a vulnerability where a user could ...)
-	TODO: check
+	NOT-FOR-US: BookStack
 CVE-2020-5255
 	RESERVED
 CVE-2020-5254 (In NetHack before 3.6.6, some out-of-bound values for the hilite_statu ...)
@@ -21743,25 +21743,25 @@ CVE-2019-19301
 CVE-2019-19300
 	RESERVED
 CVE-2019-19299 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
-	TODO: check
+	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
 CVE-2019-19298 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
-	TODO: check
+	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
 CVE-2019-19297 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
-	TODO: check
+	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
 CVE-2019-19296 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
-	TODO: check
+	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
 CVE-2019-19295 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
-	TODO: check
+	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
 CVE-2019-19294 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
-	TODO: check
+	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
 CVE-2019-19293 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
-	TODO: check
+	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
 CVE-2019-19292 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
-	TODO: check
+	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
 CVE-2019-19291 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
-	TODO: check
+	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
 CVE-2019-19290 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
-	TODO: check
+	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
 CVE-2019-19289
 	RESERVED
 CVE-2019-19288
@@ -21779,15 +21779,15 @@ CVE-2019-19283
 CVE-2019-19282 (A vulnerability has been identified in OpenPCS 7 V8.1 (All versions),  ...)
 	TODO: check
 CVE-2019-19281 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2019-19280
 	RESERVED
 CVE-2019-19279 (A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2019-19278 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180  ...)
 	NOT-FOR-US: SINAMICS
 CVE-2019-19277 (A vulnerability has been identified in SIPORT MP (All versions < 3. ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2019-19276
 	RESERVED
 CVE-2019-19275 (typed_ast 1.3.0 and 1.3.1 has an ast_for_arguments out-of-bounds read. ...)
@@ -26673,7 +26673,7 @@ CVE-2019-18338 (A vulnerability has been identified in SiNVR 3 Central Control S
 CVE-2019-18337 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
 	NOT-FOR-US: Siemens
 CVE-2019-18336 (A vulnerability has been identified in SIMATIC S7-300 CPU family (incl ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2019-18335 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
 	NOT-FOR-US: Siemens
 CVE-2019-18334 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65e5f85d9cd63b80a8c1ab38651624a5d488337f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65e5f85d9cd63b80a8c1ab38651624a5d488337f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200311/66e1ca25/attachment.html>

More information about the debian-security-tracker-commits mailing list