[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ee0d5d77 by Salvatore Bonaccorso at 2020-05-12T22:15:36+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16953,51 +16953,51 @@ CVE-2020-6264
 CVE-2020-6263
 	RESERVED
 CVE-2020-6262 (Service Data Download in SAP Application Server ABAP (ST-PI, before ve ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6261
 	RESERVED
 CVE-2020-6260
 	RESERVED
 CVE-2020-6259 (Under certain conditions SAP Adaptive Server Enterprise, versions 15.7 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6258 (SAP Identity Management, version 8.0, does not perform necessary autho ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6257 (SAP Business Objects Business Intelligence Platform (CMC and BI Launch ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6256 (SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 8 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6255
 	RESERVED
 CVE-2020-6254 (SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficien ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6253 (Under certain conditions, SAP Adaptive Server Enterprise (Web Services ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6252 (Under certain conditions SAP Adaptive Server Enterprise (Cockpit), ver ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6251 (Under certain conditions or error scenarios SAP Business Objects Busin ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6250 (SAP Adaptive Server Enterprise, version 16.0, allows an authenticated  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6249 (The use of an admin backend report within SAP Master Data Governance,  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6248 (SAP Adaptive Server Enterprise (Backup Server), version 16.0, does not ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6247 (SAP Business Objects Business Intelligence Platform, version 4.2, allo ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6246
 	RESERVED
 CVE-2020-6245 (SAP Business Objects Business Intelligence Platform, version 4.2, allo ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6244 (SAP Business Client, version 7.0, allows an attacker after a successfu ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6243 (Under certain conditions, SAP Adaptive Server Enterprise (XP Server on ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6242 (SAP Business Objects Business Intelligence Platform (Live Data Connect ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6241 (SAP Adaptive Server Enterprise, version 16.0, allows an authenticated  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6240 (SAP NetWeaver AS ABAP (Web Dynpro ABAP), versions (SAP_UI 750, 752, 75 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6239
 	RESERVED
 CVE-2020-6238 (SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process  ...)
@@ -17767,11 +17767,11 @@ CVE-2020-5900
 CVE-2020-5899
 	RESERVED
 CVE-2020-5898 (In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver d ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2020-5897 (In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2020-5896 (On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Se ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2020-5895 (On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and ...)
 	TODO: check
 CVE-2020-5894 (On versions 3.0.0-3.3.0, the NGINX Controller webserver does not inval ...)
@@ -21537,7 +21537,7 @@ CVE-2020-4348
 CVE-2020-4347 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could be subjec ...)
 	NOT-FOR-US: IBM
 CVE-2020-4346 (IBM API Connect's V2018.4.1.0 through 2018.4.1.10 management server ha ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4345
 	RESERVED
 CVE-2020-4344
@@ -21839,7 +21839,7 @@ CVE-2020-4197 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be store
 CVE-2020-4196 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scrip ...)
 	NOT-FOR-US: IBM
 CVE-2020-4195 (IBM API Connect V2018.4.1.0 through 2018.4.1.10 could allow a remote a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4194
 	RESERVED
 CVE-2020-4193
@@ -76195,7 +76195,7 @@ CVE-2019-4480
 CVE-2019-4479
 	RESERVED
 CVE-2019-4478 (IBM Maximo Asset Management 7.6.0, and 7.6.1 could allow an authentica ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4477 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
 	NOT-FOR-US: IBM
 CVE-2019-4476



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee0d5d77d783f7b5c83dff7a6e6e8192a1a6a807

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee0d5d77d783f7b5c83dff7a6e6e8192a1a6a807
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200512/592b01b2/attachment.html>