[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Apr 6 21:27:57 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f125eb44 by Salvatore Bonaccorso at 2021-04-06T22:27:35+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -299,9 +299,9 @@ CVE-2021-30048
 CVE-2021-30047
 	RESERVED
 CVE-2021-30046 (VIGRA Computer Vision Library Version-1-11-1 contains a segmentation f ...)
-	TODO: check
+	NOT-FOR-US: VIGRA Computer Vision Library
 CVE-2021-30045 (SerenityOS 2021-03-27 contains a buffer overflow vulnerability in the  ...)
-	TODO: check
+	NOT-FOR-US: SerenityOS
 CVE-2021-30044
 	RESERVED
 CVE-2021-30043
@@ -1174,9 +1174,9 @@ CVE-2021-29646 (An issue was discovered in the Linux kernel before 5.11.11. tipc
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: https://git.kernel.org/linus/0217ed2848e8538bcf9172d97ed2eeb4a26041bb
 CVE-2020-36285 (Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Impro ...)
-	TODO: check
+	NOT-FOR-US: Union Pay
 CVE-2020-36284 (Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper  ...)
-	TODO: check
+	NOT-FOR-US: Union Pay
 CVE-2021-3480
 	RESERVED
 CVE-2021-3479 (There's a flaw in OpenEXR's Scanline API functionality in versions bef ...)
@@ -2886,7 +2886,7 @@ CVE-2021-28876
 CVE-2021-28875
 	RESERVED
 CVE-2021-28874 (SerenityOS fixed as of c9f25bca048443e317f1994ba9b106f2386688c3 contai ...)
-	TODO: check
+	NOT-FOR-US: SerenityOS
 CVE-2021-28873
 	RESERVED
 CVE-2021-28872
@@ -4404,11 +4404,11 @@ CVE-2021-28175 (The Radius configuration function in ASUS BMC’s firmware W
 CVE-2021-28174
 	RESERVED
 CVE-2021-28173 (The file upload function of Vangene deltaFlow E-platform does not perf ...)
-	TODO: check
+	NOT-FOR-US: Vangene deltaFlow E-platform
 CVE-2021-28172 (There is a Path Traversal vulnerability in the file download function  ...)
-	TODO: check
+	NOT-FOR-US: Vangene deltaFlow E-platform
 CVE-2021-28171 (The Vangene deltaFlow E-platform does not take properly protective mea ...)
-	TODO: check
+	NOT-FOR-US: Vangene deltaFlow E-platform
 CVE-2021-28170
 	RESERVED
 CVE-2021-28169
@@ -4527,7 +4527,7 @@ CVE-2021-28144 (prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows re
 CVE-2021-28143 (/jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated  ...)
 	NOT-FOR-US: D-Link
 CVE-2021-28142 (CITSmart before 9.1.2.28 mishandles the "filtro de autocomplete." ...)
-	TODO: check
+	NOT-FOR-US: CITSmart
 CVE-2021-28141 (** DISPUTED ** An issue was discovered in Progress Telerik UI for ASP. ...)
 	NOT-FOR-US: Telerik
 CVE-2021-28140
@@ -4754,7 +4754,7 @@ CVE-2021-28077
 CVE-2021-28076
 	RESERVED
 CVE-2021-28075 (iKuaiOS 3.4.8 Build 202012291059 has an arbitrary file download vulner ...)
-	TODO: check
+	NOT-FOR-US: iKuaiOS
 CVE-2021-28074
 	RESERVED
 CVE-2021-28073
@@ -5624,9 +5624,9 @@ CVE-2021-27700
 CVE-2021-27699
 	RESERVED
 CVE-2021-27698 (RIOT-OS 2021.01 contains a buffer overflow vulnerability in /sys/net/g ...)
-	TODO: check
+	NOT-FOR-US: RIOT RIOT-OS
 CVE-2021-27697 (RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gn ...)
-	TODO: check
+	NOT-FOR-US: RIOT RIOT-OS
 CVE-2021-27696
 	RESERVED
 CVE-2021-27695 (Multiple stored cross-site scripting (XSS) vulnerabilities in openMAIN ...)
@@ -6376,7 +6376,7 @@ CVE-2021-27359
 CVE-2021-27358 (The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unaut ...)
 	- grafana <removed>
 CVE-2021-27357 (RIOT-OS 2020.01 contains a buffer overflow vulnerability in /sys/net/g ...)
-	TODO: check
+	NOT-FOR-US: RIOT RIOT-OS
 CVE-2021-27356
 	RESERVED
 CVE-2021-27355
@@ -6409,7 +6409,7 @@ CVE-2021-27345
 CVE-2021-27344
 	RESERVED
 CVE-2021-27343 (SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: ...)
-	TODO: check
+	NOT-FOR-US: SerenityOS
 CVE-2021-27342
 	RESERVED
 CVE-2021-27341
@@ -7599,7 +7599,7 @@ CVE-2021-26835
 CVE-2021-26834
 	RESERVED
 CVE-2021-26833 (Code Execution vulnerability in Profile Picture upload in TimelyBills  ...)
-	TODO: check
+	NOT-FOR-US: TimelyBills App Budget, Expense tracker & Bills
 CVE-2021-26832
 	RESERVED
 CVE-2021-26831



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f125eb4485f836e54b78e05ddb5ed5885ec2e8bd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f125eb4485f836e54b78e05ddb5ed5885ec2e8bd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210406/131a9173/attachment.htm>

More information about the debian-security-tracker-commits mailing list