[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Tue Apr 6 07:40:24 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f69ab45d by Moritz Muehlenhoff at 2021-04-06T08:39:59+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -109,7 +109,7 @@ CVE-2021-30076
 CVE-2021-30075
 	RESERVED
 CVE-2021-30074 (docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the s ...)
-	TODO: check
+	NOT-FOR-US: docsify
 CVE-2021-30073
 	RESERVED
 CVE-2021-30072 (An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. ...)
@@ -264,7 +264,7 @@ CVE-2021-29998
 CVE-2021-29997
 	RESERVED
 CVE-2021-29996 (Mark Text through 0.16.3 allows attackers arbitrary command execution. ...)
-	TODO: check
+	NOT-FOR-US: marktext
 CVE-2021-29995
 	RESERVED
 CVE-2021-29994
@@ -393,30 +393,30 @@ CVE-2021-29942 (An issue was discovered in the reorder crate through 2021-02-24
 CVE-2021-29941 (An issue was discovered in the reorder crate through 2021-02-24 for Ru ...)
 	NOT-FOR-US: reorder crate
 CVE-2021-29940 (An issue was discovered in the through crate through 2021-02-18 for Ru ...)
-	TODO: check
+	NOT-FOR-US: Rust crate through
 CVE-2021-29939 (An issue was discovered in the stackvector crate through 2021-02-19 fo ...)
 	- rust-stackvector <unfixed>
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2021-0048.html
 CVE-2021-29938 (An issue was discovered in the slice-deque crate through 2021-02-19 fo ...)
-	TODO: check
+	NOT-FOR-US: Rust crate slice-deque
 CVE-2021-29937 (An issue was discovered in the telemetry crate through 2021-02-17 for  ...)
-	TODO: check
+	NOT-FOR-US: Rust crate telemetry
 CVE-2021-29936 (An issue was discovered in the adtensor crate through 2021-01-11 for R ...)
-	TODO: check
+	NOT-FOR-US: Rust crate adtensor
 CVE-2021-29935 (An issue was discovered in the rocket crate before 0.4.7 for Rust. uri ...)
-	TODO: check
+	NOT-FOR-US: Rust crate rocket
 CVE-2021-29934 (An issue was discovered in PartialReader in the uu_od crate before 0.0 ...)
-	TODO: check
+	NOT-FOR-US: Rust crate uu_od
 CVE-2021-29933 (An issue was discovered in the insert_many crate through 2021-01-26 fo ...)
-	TODO: check
+	NOT-FOR-US: Rust crate insert_many
 CVE-2021-29932 (An issue was discovered in the parse_duration crate through 2021-03-18 ...)
-	TODO: check
+	NOT-FOR-US: Rust crate parse_duration
 CVE-2021-29931 (An issue was discovered in the arenavec crate through 2021-01-12 for R ...)
-	TODO: check
+	NOT-FOR-US: Rust crate arenavec
 CVE-2021-29930 (An issue was discovered in the arenavec crate through 2021-01-12 for R ...)
-	TODO: check
+	NOT-FOR-US: Rust crate arenavec
 CVE-2021-29929 (An issue was discovered in the endian_trait crate through 2021-01-04 f ...)
-	TODO: check
+	NOT-FOR-US: Rust crate endian_trait
 CVE-2021-29928
 	RESERVED
 CVE-2021-29927
@@ -1551,7 +1551,7 @@ CVE-2021-29420
 CVE-2021-29419
 	RESERVED
 CVE-2021-29418 (The netmask package before 2.0.1 for Node.js mishandles certain unexpe ...)
-	TODO: check
+	NOT-FOR-US: Node netmask
 CVE-2021-29417 (gitjacker before 0.1.0 allows remote attackers to execute arbitrary co ...)
 	NOT-FOR-US: gitjacker
 CVE-2021-29416 (An issue was discovered in PortSwigger Burp Suite before 2021.2. Durin ...)
@@ -2829,7 +2829,7 @@ CVE-2021-28834 (Kramdown before 2.3.1 does not restrict Rouge formatters to the
 CVE-2021-28833
 	RESERVED
 CVE-2021-28832 (VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via ...)
-	TODO: check
+	NOT-FOR-US: VSCodeVim
 CVE-2021-28831 (decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit ...)
 	{DLA-2614-1}
 	- busybox <unfixed> (bug #985674)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f69ab45d28b90637e4672b4e1c79ab64951107d8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f69ab45d28b90637e4672b4e1c79ab64951107d8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210406/92542100/attachment.htm>

More information about the debian-security-tracker-commits mailing list