[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3b908662 by Salvatore Bonaccorso at 2020-10-28T10:10:10+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2020-27958
 CVE-2020-27957 (The RandomGameUnit extension for MediaWiki through 1.35 was not proper ...)
 	TODO: check
 CVE-2020-27956 (An Arbitrary File Upload in the Upload Image component in SourceCodest ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Car Rental Management System
 CVE-2020-27955
 	RESERVED
 CVE-2020-27954
@@ -151,11 +151,11 @@ CVE-2020-27894
 CVE-2020-27893
 	RESERVED
 CVE-2020-27892 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
-	TODO: check
+	NOT-FOR-US: Texas Instruments CC2538 devices
 CVE-2020-27891 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
-	TODO: check
+	NOT-FOR-US: Texas Instruments CC2538 devices
 CVE-2020-27890 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
-	TODO: check
+	NOT-FOR-US: Texas Instruments CC2538 devices
 CVE-2020-27889
 	RESERVED
 CVE-2020-27888 (An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC- ...)
@@ -2275,11 +2275,11 @@ CVE-2020-27162
 CVE-2020-27161
 	RESERVED
 CVE-2020-27160 (Addressed remote code execution vulnerability in AvailableApps.php tha ...)
-	TODO: check
+	NOT-FOR-US: Western Digital My Cloud NAS devices
 CVE-2020-27159 (Addressed remote code execution vulnerability in DsdkProxy.php due to  ...)
-	TODO: check
+	NOT-FOR-US: Western Digital My Cloud NAS devices
 CVE-2020-27158 (Addressed remote code execution vulnerability in cgi_api.php that allo ...)
-	TODO: check
+	NOT-FOR-US: Western Digital My Cloud NAS devices
 CVE-2020-27157 (Veritas APTARE versions prior to 10.5 included code that bypassed the  ...)
 	NOT-FOR-US: Veritas
 CVE-2020-27156 (Veritas APTARE versions prior to 10.5 did not perform adequate authori ...)
@@ -5266,7 +5266,7 @@ CVE-2020-25767
 CVE-2020-25766 (An issue was discovered in MISP before 2.4.132. It can perform an unwa ...)
 	NOT-FOR-US: MISP
 CVE-2020-25765 (Addressed remote code execution vulnerability in reg_device.php due to ...)
-	TODO: check
+	NOT-FOR-US: Western Digital My Cloud Devices
 CVE-2020-25764
 	RESERVED
 CVE-2020-25763 (Seat Reservation System version 1.0 suffers from an Unauthenticated Fi ...)
@@ -33862,7 +33862,7 @@ CVE-2020-12831 (** DISPUTED ** An issue was discovered in FRRouting FRR (aka Fre
 	NOTE: https://github.com/FRRouting/frr/pull/6383
 	NOTE: https://github.com/FRRouting/frr/commit/7734484a378052a513c9e21165c13bf85f78ad48
 CVE-2020-12830 (Addressed multiple stack buffer overflow vulnerabilities that could al ...)
-	TODO: check
+	NOT-FOR-US: Western Digital My Cloud devices
 CVE-2020-12829 (In QEMU through 5.0.0, an integer overflow was found in the SM501 disp ...)
 	{DSA-4760-1}
 	- qemu 1:5.0-12 (low; bug #961451)
@@ -42761,7 +42761,7 @@ CVE-2020-9984 (An out-of-bounds read was addressed with improved input validatio
 CVE-2020-9983 (An out-of-bounds write issue was addressed with improved bounds checki ...)
 	NOT-FOR-US: Safari
 CVE-2020-9982 (This issue was addressed with improved checks to prevent unauthorized  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9981
 	RESERVED
 CVE-2020-9980 (An out-of-bounds write issue was addressed with improved bounds checki ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b908662640850e04bdfe4cc8e1927437e236af5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b908662640850e04bdfe4cc8e1927437e236af5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201028/812f2a2a/attachment.html>