[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Sep 19 09:19:32 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c3485f5b by Salvatore Bonaccorso at 2020-09-19T10:19:00+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31396,7 +31396,7 @@ CVE-2019-20769 (An issue was discovered in LG PC Suite for LG G3 and earlier (ak
 CVE-2020-11862
 	RESERVED
 CVE-2020-11861 (Unauthorized escalation of local privileges vulnerability on Micro Foc ...)
-	TODO: check
+	NOT-FOR-US: Micro Focus
 CVE-2020-11860
 	RESERVED
 CVE-2020-11859
@@ -41202,7 +41202,7 @@ CVE-2020-8255
 CVE-2020-8254
 	RESERVED
 CVE-2020-8253 (Improper authentication in Citrix XenMobile Server 10.12 before RP2, C ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8252 (The implementation of realpath in libuv < 10.22.1, < 12.18.4, an ...)
 	- libuv1 1.39.0-1
 	NOTE: https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/#fs-realpath-native-on-may-cause-buffer-overflow-medium-cve-2020-8252
@@ -41218,11 +41218,11 @@ CVE-2020-8249
 CVE-2020-8248
 	RESERVED
 CVE-2020-8247 (Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and N ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8246 (Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and N ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8245 (Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8244 (A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, &l ...)
 	- node-bl 4.0.3-1 (bug #969309)
 	[buster] - node-bl <no-dsa> (Minor issue)
@@ -41334,7 +41334,7 @@ CVE-2020-8201 (Node.js < 12.18.4 and < 14.11 can be exploited to perform H
 	[stretch] - nodejs <not-affected> (Only affects 12.x and later)
 	NOTE: https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/#http-request-smuggling-due-to-cr-to-hyphen-conversion-high-cve-2020-8201
 CVE-2020-8200 (Improper authentication in Citrix StoreFront Server < 1912.0.1000 a ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8199 (Improper access control in Citrix ADC Gateway Linux client versions be ...)
 	NOT-FOR-US: Citrix
 CVE-2020-8198 (Improper input validation in Citrix ADC and Citrix Gateway versions be ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3485f5b3902b7c4c9186ef04785384f661974cb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3485f5b3902b7c4c9186ef04785384f661974cb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200919/213bd46a/attachment.html>

More information about the debian-security-tracker-commits mailing list