[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Nov 19 20:17:10 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ff027155 by Salvatore Bonaccorso at 2020-11-19T21:16:47+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2020-28951 (libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter ...)
-	TODO: check
+	NOT-FOR-US: libuci in OpenWrt
 CVE-2020-28950
 	RESERVED
 CVE-2020-28949 (Archive_Tar through 1.4.10 has :// filename sanitization only to addre ...)
@@ -7,7 +7,7 @@ CVE-2020-28949 (Archive_Tar through 1.4.10 has :// filename sanitization only to
 CVE-2020-28948 (Archive_Tar through 1.4.10 allows an unserialization attack because ph ...)
 	TODO: check
 CVE-2020-28947 (In MISP 2.4.134, XSS exists in the template element index view because ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2020-28946
 	RESERVED
 CVE-2020-28945
@@ -17,7 +17,7 @@ CVE-2020-28944
 CVE-2020-28943
 	RESERVED
 CVE-2020-28942 (An issue exists in PrimeKey EJBCA before 7.4.3 when enrolling with EST ...)
-	TODO: check
+	NOT-FOR-US: PrimeKey EJBCA
 CVE-2020-28941 (An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c i ...)
 	- linux <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2020/11/19/3
@@ -4522,7 +4522,7 @@ CVE-2020-28056
 CVE-2020-28055 (A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 ...)
 	NOT-FOR-US: TCL Android Smart TV series
 CVE-2020-28054 (JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to a ...)
-	TODO: check
+	NOT-FOR-US: JamoDat TSMManager Collector
 CVE-2020-28053
 	RESERVED
 CVE-2020-28052
@@ -17382,7 +17382,7 @@ CVE-2020-22396
 CVE-2020-22395
 	RESERVED
 CVE-2020-22394 (In YzmCMS v5.5 the member contribution function in the editor contains ...)
-	TODO: check
+	NOT-FOR-US: YzmCMS
 CVE-2020-22393
 	RESERVED
 CVE-2020-22392
@@ -61228,7 +61228,7 @@ CVE-2020-4720
 CVE-2020-4719
 	RESERVED
 CVE-2020-4718 (IBM Jazz Reporting Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4717
 	RESERVED
 CVE-2020-4716
@@ -61262,7 +61262,7 @@ CVE-2020-4703 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Co
 CVE-2020-4702 (IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-s ...)
 	NOT-FOR-US: IBM
 CVE-2020-4701 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4700 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 a ...)
 	NOT-FOR-US: IBM
 CVE-2020-4699 (IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff02715567b1ea0dc2082b05ad50639ac5e12699

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff02715567b1ea0dc2082b05ad50639ac5e12699
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201119/51c21b78/attachment.html>

More information about the debian-security-tracker-commits mailing list