[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Oct 23 20:45:59 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
85caf239 by Salvatore Bonaccorso at 2020-10-23T21:45:36+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -42217,7 +42217,7 @@ CVE-2020-9865 (A memory corruption issue was addressed by removing the vulnerabl
 CVE-2020-9864 (A logic issue was addressed with improved restrictions. This issue is  ...)
 	NOT-FOR-US: Apple
 CVE-2020-9863 (A memory initialization issue was addressed with improved memory handl ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9862 (A command injection issue existed in Web Inspector. This issue was add ...)
 	{DSA-4739-1}
 	- webkit2gtk 2.28.4-1
@@ -42242,7 +42242,7 @@ CVE-2020-9855 (A validation issue existed in the handling of symlinks. This issu
 CVE-2020-9854 (A logic issue was addressed with improved validation. This issue is fi ...)
 	TODO: check
 CVE-2020-9853 (A memory corruption issue was addressed with improved validation. This ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9852 (An integer overflow was addressed through improved input validation. T ...)
 	NOT-FOR-US: Apple
 CVE-2020-9851 (An access issue was addressed with improved access restrictions. This  ...)
@@ -42391,7 +42391,7 @@ CVE-2020-9798
 CVE-2020-9797 (An information disclosure issue was addressed by removing the vulnerab ...)
 	NOT-FOR-US: Apple
 CVE-2020-9796 (A race condition was addressed with improved state handling. This issu ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9795 (A use after free issue was addressed with improved memory management.  ...)
 	NOT-FOR-US: Apple
 CVE-2020-9794 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
@@ -42426,7 +42426,7 @@ CVE-2020-9781 (The issue was addressed by clearing website permission prompts af
 CVE-2020-9780 (The issue was resolved by clearing application previews when content i ...)
 	NOT-FOR-US: Apple
 CVE-2020-9779 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9778
 	RESERVED
 CVE-2020-9777 (An issue existed in the selection of video file by Mail. The issue was ...)
@@ -76344,11 +76344,11 @@ CVE-2019-16131 (framework/admin/modulec_control.php in OKLite v1.2.25 has an Arb
 CVE-2019-16130 (YII2-CMS v1.0 has XSS in protected\core\modules\home\models\Contact.ph ...)
 	NOT-FOR-US: YII2-CMS
 CVE-2019-16129 (Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 ...)
-	TODO: check
+	NOT-FOR-US: Microchip CryptoAuthentication Library CryptoAuthLib
 CVE-2019-16128 (Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 ...)
-	TODO: check
+	NOT-FOR-US: Microchip CryptoAuthentication Library CryptoAuthLib
 CVE-2019-16127 (Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow. ...)
-	TODO: check
+	NOT-FOR-US: Atmel Advanced Software Framework (ASF) 4
 CVE-2019-16126 (Grav through 1.6.15 allows (Stored) Cross-Site Scripting due to JavaSc ...)
 	NOT-FOR-US: Grav CMS
 CVE-2019-16125 (In Jobberbase 2.0, the parameter category is not sanitized in public/p ...)
@@ -80968,23 +80968,23 @@ CVE-2019-14721 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an
 CVE-2019-14720
 	RESERVED
 CVE-2019-14719 (Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow  ...)
-	TODO: check
+	NOT-FOR-US: Verifone MX900 series Pinpad Payment Terminals
 CVE-2019-14718 (Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have I ...)
-	TODO: check
+	NOT-FOR-US: Verifone MX900 series Pinpad Payment Terminals
 CVE-2019-14717 (Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 hav ...)
-	TODO: check
+	NOT-FOR-US: Verifone Verix OS on VerixV Pinpad Payment Terminals
 CVE-2019-14716 (Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocum ...)
-	TODO: check
+	NOT-FOR-US: Verifone VerixV Pinpad Payment Terminals
 CVE-2019-14715 (Verifone Pinpad Payment Terminals allow undocumented physical access t ...)
-	TODO: check
+	NOT-FOR-US: Verifone Pinpad Payment Terminals
 CVE-2019-14714
 	RESERVED
 CVE-2019-14713 (Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow  ...)
-	TODO: check
+	NOT-FOR-US: Verifone MX900 series Pinpad Payment Terminals
 CVE-2019-14712 (Verifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of ...)
-	TODO: check
+	NOT-FOR-US: Verifone VerixV Pinpad Payment Terminals
 CVE-2019-14711 (Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a ...)
-	TODO: check
+	NOT-FOR-US: Verifone MX900 series Pinpad Payment Terminals
 CVE-2019-14710
 	RESERVED
 CVE-2019-14709 (A cleartext password storage issue was discovered on MicroDigital N-se ...)
@@ -154729,7 +154729,7 @@ CVE-2018-8064
 CVE-2018-8063
 	RESERVED
 CVE-2018-8062 (A cross-site scripting (XSS) vulnerability on Comtrend AR-5387un devic ...)
-	TODO: check
+	NOT-FOR-US: Comtrend
 CVE-2018-8061 (HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileg ...)
 	NOT-FOR-US: HWiNFO AMD64 Kernel driver
 CVE-2018-8060 (HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileg ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85caf239d9f6d2cc1d86f72134cc87d621fb79ec

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85caf239d9f6d2cc1d86f72134cc87d621fb79ec
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201023/a79180f7/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list