[Git][security-tracker-team/security-tracker][master] 2 commits: NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Nov 25 08:35:02 GMT 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1babc0a8 by Moritz Muehlenhoff at 2020-11-25T09:34:09+01:00
NFUs

- - - - -
b2204944 by Moritz Muehlenhoff at 2020-11-25T09:34:45+01:00
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2020-29073
 	RESERVED
 CVE-2020-29072 (A Cross-Site Script Inclusion vulnerability was found on LiquidFiles b ...)
-	TODO: check
+	NOT-FOR-US: LiquidFiles
 CVE-2020-29071 (An XSS issue was found in the Shares feature of LiquidFiles before 3.3 ...)
-	TODO: check
+	NOT-FOR-US: LiquidFiles
 CVE-2020-29070
 	RESERVED
 CVE-2020-29069 (_get_flag_ip_localdb in server/mhn/ui/utils.py in Modern Honey Network ...)
-	TODO: check
+	NOT-FOR-US: Modern Honey Network
 CVE-2020-29068
 	RESERVED
 CVE-2020-29067
@@ -19,27 +19,27 @@ CVE-2020-29065
 CVE-2020-29064
 	RESERVED
 CVE-2020-29063 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2020-29062 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2020-29061 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2020-29060 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2020-29059 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2020-29058 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2020-29057 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2020-29056 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2020-29055 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2020-29054 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2020-29053 (HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_da ...)
-	TODO: check
+	NOT-FOR-US: HRSALE
 CVE-2020-29052
 	RESERVED
 CVE-2020-29051
@@ -47,9 +47,9 @@ CVE-2020-29051
 CVE-2020-29050
 	RESERVED
 CVE-2015-9551 (An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2015-9550 (An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2020-29049
 	RESERVED
 CVE-2020-29048
@@ -147,9 +147,9 @@ CVE-2020-29005
 CVE-2020-29004
 	RESERVED
 CVE-2020-29003 (The PollNY extension for MediaWiki through 1.35 allows XSS via an answ ...)
-	TODO: check
+	NOT-FOR-US: PollNY MediaWiki extension
 CVE-2020-29002 (includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki ...)
-	TODO: check
+	NOT-FOR-US: CologneBlue MediaWiki skin
 CVE-2020-29001
 	RESERVED
 CVE-2020-29000
@@ -4241,7 +4241,7 @@ CVE-2020-28331 (Barco wePresent WiPG-1600W devices have Improper Access Control.
 CVE-2020-28330 (Barco wePresent WiPG-1600W devices have Unprotected Transport of Crede ...)
 	NOT-FOR-US: Barco wePresent WiPG-1600W devices
 CVE-2020-28329 (Barco wePresent WiPG-1600W firmware includes a hardcoded API account a ...)
-	TODO: check
+	NOT-FOR-US: Barco wePresent WiPG-1600W devices
 CVE-2020-28328 (SuiteCRM before 7.11.17 is vulnerable to remote code execution via the ...)
 	NOT-FOR-US: SuiteCRM
 CVE-2020-28327 (A res_pjsip_session crash was discovered in Asterisk Open Source 13.x  ...)
@@ -9443,11 +9443,11 @@ CVE-2020-26231 (October is a free, open-source, self-hosted CMS platform based o
 CVE-2020-26230 (Radar COVID is the official COVID-19 exposure notification app for Spa ...)
 	NOT-FOR-US: Radar COVID
 CVE-2020-26229 (TYPO3 is an open source PHP based web content management system. In TY ...)
-	TODO: check
+	NOT-FOR-US: TYPO3
 CVE-2020-26228 (TYPO3 is an open source PHP based web content management system. In TY ...)
-	TODO: check
+	NOT-FOR-US: TYPO3
 CVE-2020-26227 (TYPO3 is an open source PHP based web content management system. In TY ...)
-	TODO: check
+	NOT-FOR-US: TYPO3
 CVE-2020-26226 (In the npm package semantic-release before version 17.2.3, secrets tha ...)
 	NOT-FOR-US: semantic-release nodejs module
 CVE-2020-26225 (In PrestaShop Product Comments before version 4.2.0, an attacker could ...)
@@ -58316,7 +58316,7 @@ CVE-2020-6018
 CVE-2020-6017
 	RESERVED
 CVE-2020-6016 (Valve's Game Networking Sockets prior to version v1.2.0 improperly han ...)
-	TODO: check
+	NOT-FOR-US: Valve's Game Networking Sockets
 CVE-2020-6015 (Check Point Endpoint Security for Windows before E84.10 can reach deni ...)
 	NOT-FOR-US: Check Point Endpoint Security Client
 CVE-2020-6014 (Check Point Endpoint Security Client for Windows, with Anti-Bot or Thr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2142476e694c753d624d061a4ff008a0b3ca6dbc...b220494487b3b2a688b607428a1de524edcbfc16

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2142476e694c753d624d061a4ff008a0b3ca6dbc...b220494487b3b2a688b607428a1de524edcbfc16
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201125/20d3d040/attachment.html>

More information about the debian-security-tracker-commits mailing list