[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Thu Sep 24 14:56:51 BST 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5ed4e54b by Moritz Muehlenhoff at 2020-09-24T15:56:35+02:00
NFUs
puppet n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4003,7 +4003,7 @@ CVE-2020-24215
 CVE-2020-24214
 	RESERVED
 CVE-2020-24213 (An integer overflow was discovered in YGOPro ygocore v13.51. Attackers ...)
-	TODO: check
+	NOT-FOR-US: ygocore
 CVE-2020-24212
 	REJECTED
 CVE-2020-24211
@@ -42734,10 +42734,7 @@ CVE-2020-7945 (Local registry credentials were included directly in the CD4PE de
 CVE-2020-7944 (In Continuous Delivery for Puppet Enterprise (CD4PE) before 3.4.0, cha ...)
 	NOT-FOR-US: Puppet Enterprise
 CVE-2020-7943 (Puppet Server and PuppetDB provide useful performance and debugging in ...)
-	- puppet <unfixed> (low)
-	[stretch] - puppet <no-dsa> (Minor issue)
-	[buster] - puppet <no-dsa> (Minor issue)
-	[jessie] - puppet <not-affected> (vulnerable code not present)
+	- puppet <not-affected> (Doesn't affect Puppet masters (passenger-based) in Debian)
 	- puppetdb <unfixed> (low)
 	[buster] - puppetdb <no-dsa> (Minor issue)
 	NOTE: https://puppet.com/security/cve/CVE-2020-7943/
@@ -48162,11 +48159,11 @@ CVE-2020-5785
 CVE-2020-5784
 	RESERVED
 CVE-2020-5783 (In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does n ...)
-	TODO: check
+	NOT-FOR-US: IgniteNet HeliOS GLinq
 CVE-2020-5782 (In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ...)
-	TODO: check
+	NOT-FOR-US: IgniteNet HeliOS GLinq
 CVE-2020-5781 (In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is ...)
-	TODO: check
+	NOT-FOR-US: IgniteNet HeliOS GLinq
 CVE-2020-5780 (Missing Authentication for Critical Function in Icegram Email Subscrib ...)
 	NOT-FOR-US: Icegram Email Subscribers & Newsletters Plugin for WordPress
 CVE-2020-5779 (A flaw in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) relates t ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ed4e54be74f1abddabc989e720725623c4d75ea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ed4e54be74f1abddabc989e720725623c4d75ea
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200924/25f519e9/attachment.html>

More information about the debian-security-tracker-commits mailing list