[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Sep 9 17:13:18 BST 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e899b0a8 by Moritz Muehlenhoff at 2020-09-09T18:12:56+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32372,7 +32372,7 @@ CVE-2020-11160
 CVE-2020-11159
 	RESERVED
 CVE-2020-11158 (u'Null pointer dereference in HP OfficeJet Pro 8210 jbig2 filter due t ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2020-11157
 	RESERVED
 CVE-2020-11156
@@ -87851,9 +87851,9 @@ CVE-2019-10631 (Shell Metacharacter Injection in the package installer on Zyxel
 CVE-2019-10630 (A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 a ...)
 	NOT-FOR-US: Zyxel
 CVE-2019-10629 (u'User Process can potentially corrupt kernel virtual page by passing  ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2019-10628 (u'Memory can be potentially corrupted if random index is allowed to ma ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2019-10627 (Integer overflow to buffer overflow vulnerability in PostScript image  ...)
 	NOT-FOR-US: Qualcomm
 CVE-2019-10626 (Payload size is not validated before reading memory that may cause iss ...)
@@ -87917,7 +87917,7 @@ CVE-2019-10598 (Out of bound access can occur while processing peer info in IBSS
 CVE-2019-10597 (kernel writes to user passed address without any checks can lead to ar ...)
 	NOT-FOR-US: Snapdragon
 CVE-2019-10596 (u'Improper access control can lead signed process to guess pid of othe ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2019-10595 (Possible buffer overwrite in message handler due to lack of validation ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2019-10594 (Stack overflow can occur when SDP is received with multiple payload ty ...)
@@ -88055,7 +88055,7 @@ CVE-2019-10529 (Possible use after free issue due to race condition while attemp
 CVE-2019-10528 (Use after free issue in kernel while accessing freed mdlog session inf ...)
 	NOT-FOR-US: Snapdragon
 CVE-2019-10527 (u'SMEM partition can be manipulated in case of any compromise on HLOS, ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2019-10526 (Out of bound write in WLAN driver due to NULL character not properly p ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2019-10525 (Buffer overflow during SIB read when network configures complete sib l ...)
@@ -136511,7 +136511,7 @@ CVE-2018-12477 (A Improper Neutralization of CRLF Sequences vulnerability in Ope
 CVE-2018-12476 (Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE L ...)
 	NOT-FOR-US: obs-service-tar_scm
 CVE-2018-12475 (A Externally Controlled Reference to a Resource in Another Sphere vuln ...)
-	TODO: check
+	NOT-FOR-US: obs-service-download_files
 CVE-2018-12474 (Improper input validation in obs-service-tar_scm of Open Build Service ...)
 	NOT-FOR-US: obs-service-tar_scm of Open Build Service
 CVE-2018-12473 (A path traversal traversal vulnerability in obs-service-tar_scm of Ope ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e899b0a85cbc4e3e6737af7ca8318faeec9b4ebe

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e899b0a85cbc4e3e6737af7ca8318faeec9b4ebe
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200909/56572bb5/attachment.html>

More information about the debian-security-tracker-commits mailing list