[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Apr 21 09:38:35 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b6566bec by Moritz Muehlenhoff at 2021-04-21T10:38:16+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2182,7 +2182,7 @@ CVE-2021-30498
 CVE-2021-30497
 	RESERVED
 CVE-2021-30496 (The Telegram app 7.6.2 for iOS allows remote authenticated users to ca ...)
-	TODO: check
+	NOT-FOR-US: Telegram for iOS
 CVE-2021-30495
 	RESERVED
 CVE-2021-30494 (Multiple system services installed alongside the Razer Synapse 3 softw ...)
@@ -4559,7 +4559,7 @@ CVE-2021-29461 (### Impact - This issue could be exploited to read internal file
 CVE-2021-29460
 	RESERVED
 CVE-2021-29459 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2021-29458 (Exiv2 is a command-line utility and C++ library for reading, writing,  ...)
 	- exiv2 <unfixed> (bug #987277)
 	[buster] - exiv2 <no-dsa> (Minor issue)
@@ -4579,7 +4579,7 @@ CVE-2021-29455 (Grassroot Platform is an application to make it faster, cheaper
 CVE-2021-29454
 	RESERVED
 CVE-2021-29453 (matrix-media-repo is an open-source multi-domain media repository for  ...)
-	TODO: check
+	NOT-FOR-US: matrix-media-repo
 CVE-2021-29452 (a12n-server is an npm package which aims to provide a simple authentic ...)
 	NOT-FOR-US: Node a12n-server
 CVE-2021-29451 (Portofino is an open source web development framework. Portofino befor ...)
@@ -6027,11 +6027,11 @@ CVE-2021-27851 [Local privilege escalation via guix-daemon and --keep-failed]
 CVE-2021-28830
 	RESERVED
 CVE-2021-28829 (The Administration GUI component of TIBCO Software Inc.'s TIBCO Admini ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2021-28828 (The Administration GUI component of TIBCO Software Inc.'s TIBCO Admini ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2021-28827 (The Administration GUI component of TIBCO Software Inc.'s TIBCO Admini ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2021-28826 (The Windows Installation component of TIBCO Software Inc.'s TIBCO Mess ...)
 	NOT-FOR-US: TIBCO
 CVE-2021-28825 (The Windows Installation component of TIBCO Software Inc.'s TIBCO Mess ...)
@@ -6099,7 +6099,7 @@ CVE-2021-28795
 CVE-2021-28794 (The unofficial ShellCheck extension before 0.13.4 for Visual Studio Co ...)
 	NOT-FOR-US: ShellCheck extension for Visual Studio Code
 CVE-2021-28793 (vscode-restructuredtext before 146.0.0 contains an incorrect access co ...)
-	TODO: check
+	NOT-FOR-US: vscode-restructuredtext
 CVE-2021-28792 (The unofficial Swift Development Environment extension before 2.12.1 f ...)
 	NOT-FOR-US: Swift Development Environment extension for Visual Studio Code
 CVE-2021-28791 (The unofficial SwiftFormat extension before 1.3.7 for Visual Studio Co ...)
@@ -6773,7 +6773,7 @@ CVE-2021-3444 (The bpf verifier in the Linux kernel did not properly handle mod3
 	NOTE: https://git.kernel.org/linus/9b00f1b78809309163dda2d044d9e94a3c0248a3
 	NOTE: https://www.openwall.com/lists/oss-security/2021/03/23/2
 CVE-2021-28492 (Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, an ...)
-	TODO: check
+	NOT-FOR-US: Unisys Stealth
 CVE-2021-28491
 	RESERVED
 CVE-2021-28490
@@ -9189,7 +9189,7 @@ CVE-2021-27460
 CVE-2021-27459
 	RESERVED
 CVE-2021-27458 (If Ethernet communication of the JTEKT Corporation TOYOPUC product ser ...)
-	TODO: check
+	NOT-FOR-US: JTEKT Corporation TOYOPUC
 CVE-2021-27457
 	RESERVED
 CVE-2021-27456
@@ -32833,7 +32833,7 @@ CVE-2020-28900
 CVE-2020-28899 (The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does  ...)
 	NOT-FOR-US: ZyXEL
 CVE-2020-28898 (In QED ResourceXpress through 4.9k, a large numeric or alphanumeric va ...)
-	TODO: check
+	NOT-FOR-US: QED ResourceXpress
 CVE-2020-28897
 	RESERVED
 CVE-2020-28896 (Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $s ...)
@@ -34617,7 +34617,7 @@ CVE-2021-1081
 CVE-2021-1080
 	RESERVED
 CVE-2021-1079 (NVIDIA GeForce Experience, all versions prior to 3.22, contains a vuln ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-1078
 	RESERVED
 CVE-2021-1077
@@ -87231,7 +87231,7 @@ CVE-2020-7853 (An outbound read/write vulnerability exists in XPLATFORM that doe
 CVE-2020-7852 (DaviewIndy has a Heap-based overflow vulnerability, triggered when the ...)
 	NOT-FOR-US: DaviewIndy
 CVE-2020-7851 (Innorix Web-Based File Transfer Solution versuibs prior to and includi ...)
-	TODO: check
+	NOT-FOR-US: Innorix
 CVE-2020-7850 (NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerabilit ...)
 	NOT-FOR-US: NBBDownloader.ocx ActiveX Control in Groupware
 CVE-2020-7849 (A vulnerability of uPrism.io CURIX(Video conferecing solution) could a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6566bec5f3f0d69be7e4e1e48677cd1877f6de8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6566bec5f3f0d69be7e4e1e48677cd1877f6de8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210421/2e794479/attachment.htm>

More information about the debian-security-tracker-commits mailing list