[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Nov 11 08:45:48 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84e28766 by Salvatore Bonaccorso at 2020-11-11T09:45:23+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,9 +11,9 @@ CVE-2020-28411
 CVE-2020-28410
 	RESERVED
 CVE-2020-28409 (The server in Dundas BI through 8.0.0.1001 allows XSS via addition of  ...)
-	TODO: check
+	NOT-FOR-US: Dundas BI
 CVE-2020-28408 (The server in Dundas BI through 8.0.0.1001 allows XSS via an HTML labe ...)
-	TODO: check
+	NOT-FOR-US: Dundas BI
 CVE-2020-28407
 	RESERVED
 CVE-2020-28406
@@ -8949,9 +8949,9 @@ CVE-2020-25269 (An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before
 	NOTE: https://github.com/inspircd/inspircd/commit/fbdd08043e97c2749ce2f03382559bba89abf47a (v3)
 	NOTE: https://github.com/inspircd/inspircd/commit/b24a91181f58c7f7141de8995ff212993bcc333b (v3)
 CVE-2020-25268 (Remote Code Execution can occur via the external news feed in ILIAS 6. ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2020-25267 (An XSS issue exists in the question-pool file-upload preview feature i ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2020-25266
 	RESERVED
 CVE-2020-25265
@@ -10959,7 +10959,7 @@ CVE-2020-24368 (Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Di
 	NOTE: https://github.com/Icinga/icingaweb2/commit/5700caf5f2ebd8a20ce2bd9ca30cb471f8b7487e (support/2.6)
 	NOTE: https://github.com/Icinga/icingaweb2/commit/3035efac65ca2f7977916bd117056aa411776dfd (master)
 CVE-2020-24367 (Incorrect file permissions in BlueStacks 4 through 4.230 on Windows al ...)
-	TODO: check
+	NOT-FOR-US: BlueStacks
 CVE-2020-24366
 	RESERVED
 CVE-2020-24365 (An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-12 ...)
@@ -11796,7 +11796,7 @@ CVE-2020-23970
 CVE-2020-23969
 	RESERVED
 CVE-2020-23968 (Ilex International Sign&go Workstation Security Suite 7.1 allows e ...)
-	TODO: check
+	NOT-FOR-US: Ilex International Sign&go Workstation Security Suite
 CVE-2020-23967
 	RESERVED
 CVE-2020-23966
@@ -25568,33 +25568,33 @@ CVE-2020-17115
 CVE-2020-17114
 	RESERVED
 CVE-2020-17113 (, aka 'Windows Camera Codec Information Disclosure Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17112
 	RESERVED
 CVE-2020-17111
 	RESERVED
 CVE-2020-17110 (, aka 'HEVC Video Extensions Remote Code Execution Vulnerability'. Thi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17109 (, aka 'HEVC Video Extensions Remote Code Execution Vulnerability'. Thi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17108 (, aka 'HEVC Video Extensions Remote Code Execution Vulnerability'. Thi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17107 (, aka 'HEVC Video Extensions Remote Code Execution Vulnerability'. Thi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17106 (, aka 'HEVC Video Extensions Remote Code Execution Vulnerability'. Thi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17105 (, aka 'AV1 Video Extension Remote Code Execution Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17104 (, aka 'Visual Studio Code JSHint Extension Remote Code Execution Vulne ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17103
 	RESERVED
 CVE-2020-17102 (, aka 'WebP Image Extensions Information Disclosure Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17101 (, aka 'HEIF Image Extensions Remote Code Execution Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17100 (, aka 'Visual Studio Tampering Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17099
 	RESERVED
 CVE-2020-17098
@@ -25612,39 +25612,39 @@ CVE-2020-17093
 CVE-2020-17092
 	RESERVED
 CVE-2020-17091 (, aka 'Microsoft Teams Remote Code Execution Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17090 (, aka 'Microsoft Defender for Endpoint Security Feature Bypass Vulnera ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17089
 	RESERVED
 CVE-2020-17088 (, aka 'Windows Common Log File System Driver Elevation of Privilege Vu ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17087 (, aka 'Windows Kernel Local Elevation of Privilege Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17086 (, aka 'Raw Image Extension Remote Code Execution Vulnerability'. This  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17085 (, aka 'Microsoft Exchange Server Denial of Service Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17084 (, aka 'Microsoft Exchange Server Remote Code Execution Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17083 (, aka 'Microsoft Exchange Server Remote Code Execution Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17082 (, aka 'Raw Image Extension Remote Code Execution Vulnerability'. This  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17081 (, aka 'Microsoft Raw Image Extension Information Disclosure Vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17080
 	RESERVED
 CVE-2020-17079 (, aka 'Raw Image Extension Remote Code Execution Vulnerability'. This  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17078 (, aka 'Raw Image Extension Remote Code Execution Vulnerability'. This  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17077 (, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17076 (, aka 'Windows Update Orchestrator Service Elevation of Privilege Vuln ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17075 (, aka 'Windows USO Core Worker Elevation of Privilege Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17074 (, aka 'Windows Update Orchestrator Service Elevation of Privilege Vuln ...)
 	TODO: check
 CVE-2020-17073 (, aka 'Windows Update Orchestrator Service Elevation of Privilege Vuln ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84e28766ab26cc62cd798e59f0b08a99f4b4a8a0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84e28766ab26cc62cd798e59f0b08a99f4b4a8a0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201111/fdaab611/attachment.html>

More information about the debian-security-tracker-commits mailing list