[Git][security-tracker-team/security-tracker][master] Process some more NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
64132cb2 by Salvatore Bonaccorso at 2020-11-23T21:26:16+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -283,7 +283,7 @@ CVE-2020-28866
 CVE-2020-28865
 	RESERVED
 CVE-2020-28864 (Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to caus ...)
-	TODO: check
+	NOT-FOR-US: WinSCP
 CVE-2020-28863
 	RESERVED
 CVE-2020-28862
@@ -2328,7 +2328,7 @@ CVE-2020-28423
 CVE-2020-28422
 	RESERVED
 CVE-2020-28421 (CA Unified Infrastructure Management 20.1 and earlier contains a vulne ...)
-	TODO: check
+	NOT-FOR-US: CA Unified Infrastructure Management
 CVE-2020-28420
 	RESERVED
 CVE-2020-28419
@@ -4812,7 +4812,7 @@ CVE-2020-27987
 CVE-2020-27986 (** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discov ...)
 	NOT-FOR-US: SonarQube
 CVE-2020-27985 (Security Onion v2 prior to 2.3.10 has an incorrect sudo configuration, ...)
-	TODO: check
+	NOT-FOR-US: Security Onion
 CVE-2020-27984
 	RESERVED
 CVE-2020-27983
@@ -9184,7 +9184,7 @@ CVE-2020-26241
 CVE-2020-26240
 	RESERVED
 CVE-2020-26239 (Scratch Addons is a WebExtension that supports both Chrome and Firefox ...)
-	TODO: check
+	NOT-FOR-US: Scratch Addons
 CVE-2020-26238
 	RESERVED
 CVE-2020-26237
@@ -52185,9 +52185,9 @@ CVE-2020-8281
 CVE-2020-8280
 	RESERVED
 CVE-2020-8279 (Missing validation of server certificates for out-going connections in ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Social app
 CVE-2020-8278 (Improper access control in Nextcloud Social app version 0.3.1 allowed  ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Social app
 CVE-2020-8277 (A Node.js application that allows an attacker to trigger a DNS request ...)
 	- c-ares 1.17.1-1
 	[buster] - c-ares <not-affected> (Introduced in 1.16)
@@ -55537,7 +55537,7 @@ CVE-2020-6941
 CVE-2020-6940
 	RESERVED
 CVE-2020-6939 (Tableau Server installations configured with Site-Specific SAML that a ...)
-	TODO: check
+	NOT-FOR-US: Tableau Server
 CVE-2020-6938 (A sensitive information disclosure vulnerability in Tableau Server 10. ...)
 	NOT-FOR-US: Tableau Server
 CVE-2020-6937 (A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64132cb282546c1ed6c3a9fce6a3604a21fc3596

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64132cb282546c1ed6c3a9fce6a3604a21fc3596
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201123/621d1db3/attachment.html>