[Git][security-tracker-team/security-tracker][master] zim unimportant

Mon Mar 23 21:01:49 GMT 2020


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
370e2785 by Moritz Muehlenhoff at 2020-03-23T22:01:27+01:00
zim unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,6 +1,7 @@
 CVE-2020-10870 (Zim through 0.72.1 creates temporary directories with predictable name ...)
-	- zim <unfixed> (bug #954810)
+	- zim <unfixed> (unimportant; bug #954810)
 	NOTE: https://github.com/zim-desktop-wiki/zim-desktop-wiki/issues/1028
+	NOTE: Negligible security impact
 CVE-2020-10869
 	RESERVED
 CVE-2020-10868
@@ -30,7 +31,7 @@ CVE-2020-10857
 CVE-2020-10856
 	RESERVED
 CVE-2019-20627 (AutoUpdater.cs in AutoUpdater.NET before 1.5.8 allows XXE. ...)
-	TODO: check
+	NOT-FOR-US: AutoUpdater.NET
 CVE-2019-20626 (The remote keyless system on Honda HR-V 2017 vehicles sends the same R ...)
 	NOT-FOR-US: Honda HR-V 2017 vehicles
 CVE-2020-XXXX [memcached extlen buffer overflow]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/370e278566ee1105fd797a89bb2f6bd417ed4657

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/370e278566ee1105fd797a89bb2f6bd417ed4657
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200323/04e104eb/attachment.html>
