[Git][security-tracker-team/security-tracker][master] golang-github-go-ethereum: Replace some NFUs with ITP referenced entry

Salvatore Bonaccorso carnil at debian.org
Fri Nov 27 04:55:43 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
21e65b51 by Salvatore Bonaccorso at 2020-11-27T05:54:47+01:00
golang-github-go-ethereum: Replace some NFUs with ITP referenced entry

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9662,11 +9662,11 @@ CVE-2020-26243 (Nanopb is a small code-size Protocol Buffers implementation. In
 	NOTE: https://github.com/nanopb/nanopb/commit/edf6dcbffee4d614ac0c2c1b258ab95185bdb6e9 (0.4.4)
 	NOTE: https://github.com/nanopb/nanopb/issues/615
 CVE-2020-26242 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
-	NOT-FOR-US: Go Ethereum
+	- golang-github-go-ethereum <itp> (bug #890541)
 CVE-2020-26241 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
-	NOT-FOR-US: Go Ethereum
+	- golang-github-go-ethereum <itp> (bug #890541)
 CVE-2020-26240 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
-	NOT-FOR-US: Go Ethereum
+	- golang-github-go-ethereum <itp> (bug #890541)
 CVE-2020-26239 (Scratch Addons is a WebExtension that supports both Chrome and Firefox ...)
 	NOT-FOR-US: Scratch Addons
 CVE-2020-26238 (Cron-utils is a Java library to parse, validate, migrate crons as well ...)
@@ -120988,7 +120988,7 @@ CVE-2018-20423 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote
 CVE-2018-20422 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attac ...)
 	NOT-FOR-US: DiscuzX
 CVE-2018-20421 (Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of se ...)
-	NOT-FOR-US: Go Ethereum
+	- golang-github-go-ethereum <itp> (bug #890541)
 CVE-2018-20420 (In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access C ...)
 	NOT-FOR-US: webERP
 CVE-2018-20419 (DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add a ...)
@@ -131877,7 +131877,7 @@ CVE-2018-19186 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2
 CVE-2018-19185 (An issue has been found in libIEC61850 v1.3. It is a heap-based buffer ...)
 	NOT-FOR-US: libIEC61850
 CVE-2018-19184 (cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to ...)
-	NOT-FOR-US: Go Ethereum
+	- golang-github-go-ethereum <itp> (bug #890541)
 CVE-2018-19183 (ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm. ...)
 	NOT-FOR-US: ethereumjs-vm
 CVE-2018-19182 (Engelsystem before commit hash 2e28336 allows CSRF. ...)
@@ -138448,7 +138448,7 @@ CVE-2018-16735
 CVE-2018-16734
 	RESERVED
 CVE-2018-16733 (In Go Ethereum (aka geth) before 1.8.14, TraceChain in eth/api_tracer. ...)
-	NOT-FOR-US: Go Ethereum
+	- golang-github-go-ethereum <itp> (bug #890541)
 CVE-2018-16732 (\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via adm ...)
 	NOT-FOR-US: CScms
 CVE-2018-16731 (CScms 4.1 allows arbitrary file upload by (for example) adding the php ...)
@@ -150906,7 +150906,7 @@ CVE-2018-12019 (The signature verification routine in Enigmail before 2.0.7 inte
 	NOTE: https://www.openwall.com/lists/oss-security/2018/06/13/10
 	NOTE: https://neopg.io/blog/enigmail-signature-spoof/
 CVE-2018-12018 (The GetBlockHeadersMsg handler in the LES protocol implementation in G ...)
-	NOT-FOR-US: Go Ethereum
+	- golang-github-go-ethereum <itp> (bug #890541)
 CVE-2018-12017
 	RESERVED
 CVE-2018-12016 (libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows rem ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21e65b511b0d8523617bdba4901ca61d62129b24

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21e65b511b0d8523617bdba4901ca61d62129b24
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201127/79b95a54/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list