[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Sep 15 21:24:50 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0c0a2c31 by Salvatore Bonaccorso at 2020-09-15T22:24:38+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -40617,9 +40617,9 @@ CVE-2020-8342 (A race condition vulnerability was reported in Lenovo System Upda
 CVE-2020-8341 (In Lenovo systems, SMM BIOS Write Protection is used to prevent writes ...)
 	NOT-FOR-US: Lenovo
 CVE-2020-8340 (A cross-site scripting (XSS) vulnerability was discovered in the legac ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-8339 (A cross-site scripting inclusion (XSSI) vulnerability was reported in  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-8338
 	RESERVED
 CVE-2020-8337 (An unquoted search path vulnerability was reported in versions prior t ...)
@@ -49930,7 +49930,7 @@ CVE-2020-4713
 CVE-2020-4712
 	RESERVED
 CVE-2020-4711 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4710
 	RESERVED
 CVE-2020-4709
@@ -49946,7 +49946,7 @@ CVE-2020-4705
 CVE-2020-4704
 	RESERVED
 CVE-2020-4703 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4702 (IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-s ...)
 	NOT-FOR-US: IBM
 CVE-2020-4701
@@ -50292,7 +50292,7 @@ CVE-2020-4532 (IBM Business Automation Workflow and IBM Business Process Manager
 CVE-2020-4531
 	RESERVED
 CVE-2020-4530 (IBM Business Automation Workflow C.D.0 and IBM Business Process Manage ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4529 (IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to server si ...)
 	NOT-FOR-US: IBM
 CVE-2020-4528
@@ -50300,7 +50300,7 @@ CVE-2020-4528
 CVE-2020-4527 (IBM Planning Analytics 2.0 could allow a remote attacker to obtain sen ...)
 	NOT-FOR-US: IBM
 CVE-2020-4526 (IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-sit ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4525 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
 	NOT-FOR-US: IBM
 CVE-2020-4524
@@ -50310,7 +50310,7 @@ CVE-2020-4523
 CVE-2020-4522 (IBM Jazz Team Server based Applications are vulnerable to cross-site s ...)
 	NOT-FOR-US: IBM
 CVE-2020-4521 (IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authe ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4520
 	RESERVED
 CVE-2020-4519
@@ -50664,7 +50664,7 @@ CVE-2020-4346 (IBM API Connect's V2018.4.1.0 through 2018.4.1.10 management serv
 CVE-2020-4345 (IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a s ...)
 	NOT-FOR-US: IBM
 CVE-2020-4344 (IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.2 IF 1 allows web  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4343 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacke ...)
 	NOT-FOR-US: IBM
 CVE-2020-4342 (IBM Security Secret Server 10.7 could disclose sensitive information i ...)
@@ -105264,7 +105264,7 @@ CVE-2019-4673
 CVE-2019-4672 (IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacke ...)
 	NOT-FOR-US: IBM
 CVE-2019-4671 (IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to SQL injec ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4670 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
 	NOT-FOR-US: IBM
 CVE-2019-4669 (IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0c0a2c3112141cd43569a9a7925aace20983b837

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0c0a2c3112141cd43569a9a7925aace20983b837
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200915/307eeb89/attachment.html>

More information about the debian-security-tracker-commits mailing list