[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4d12c09e by Moritz Muehlenhoff at 2020-11-04T18:37:00+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4799,9 +4799,9 @@ CVE-2020-26213
 CVE-2020-26212
 	RESERVED
 CVE-2020-26211 (In BookStack before version 0.30.4, a user with permissions to edit a  ...)
-	TODO: check
+	NOT-FOR-US: BookStack app
 CVE-2020-26210 (In BookStack before version 0.30.4, a user with permissions to edit a  ...)
-	TODO: check
+	NOT-FOR-US: BookStack app
 CVE-2020-26209
 	RESERVED
 CVE-2020-26208
@@ -9777,7 +9777,7 @@ CVE-2020-23991
 CVE-2020-23990
 	RESERVED
 CVE-2020-23989 (NeDi 1.9C allows pwsec.php oid XSS. ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-23988
 	RESERVED
 CVE-2020-23987
@@ -10019,7 +10019,7 @@ CVE-2020-23870
 CVE-2020-23869
 	RESERVED
 CVE-2020-23868 (NeDi 1.9C allows inc/rt-popup.php d XSS. ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-23867
 	RESERVED
 CVE-2020-23866
@@ -25978,17 +25978,17 @@ CVE-2020-15999 (Heap buffer overflow in Freetype in Google Chrome prior to 86.0.
 	NOTE: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a3bab162b2ae616074c8877a04556932998aeacd
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2103
 CVE-2020-15998 (Use after free in USB in Google Chrome prior to 86.0.4240.99 allowed a ...)
-	TODO: check
+	- chromium <not-affected> (Chrome on Android)
 CVE-2020-15997 (Use after free in Mojo in Google Chrome prior to 86.0.4240.99 allowed  ...)
-	TODO: check
+	- chromium <not-affected> (Chrome on Android)
 CVE-2020-15996 (Use after free in passwords in Google Chrome prior to 86.0.4240.99 all ...)
-	TODO: check
+	- chromium <not-affected> (Chrome on Android)
 CVE-2020-15995 (Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allow ...)
-	TODO: check
+	- chromium <not-affected> (Chrome on Android)
 CVE-2020-15994 (Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a  ...)
-	TODO: check
+	- chromium <not-affected> (Chrome on Android)
 CVE-2020-15993 (Use after free in printing in Google Chrome prior to 86.0.4240.99 allo ...)
-	TODO: check
+	- chromium <not-affected> (Chrome on Android)
 CVE-2020-15992 (Insufficient policy enforcement in networking in Google Chrome prior t ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -43601,7 +43601,7 @@ CVE-2020-9862 (A command injection issue existed in Web Inspector. This issue wa
 	- wpewebkit 2.28.4-1
 	NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
 CVE-2020-9861 (A stack overflow issue existed in Swift for Linux. The issue was addre ...)
-	TODO: check
+	NOT-FOR-US: Swift (different from src:swift)
 CVE-2020-9860 (A custom URL scheme handling issue was addressed with improved input v ...)
 	NOT-FOR-US: Apple
 CVE-2020-9859 (A memory consumption issue was addressed with improved memory handling ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d12c09e87b0a6d3d89006360fcb1d324cccacd9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d12c09e87b0a6d3d89006360fcb1d324cccacd9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201104/6a2fc177/attachment.html>