[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Aug 9 22:26:08 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
86a6428e by Moritz Mühlenhoff at 2021-08-09T23:25:50+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25,7 +25,7 @@ CVE-2021-38292
 CVE-2021-38291
 	RESERVED
 CVE-2021-38290 (A host header attack vulnerability exists in FUEL CMS 1.5.0 through fu ...)
-	TODO: check
+	NOT-FOR-US: FUEL CMS
 CVE-2021-38289
 	RESERVED
 CVE-2021-38288
@@ -231,25 +231,25 @@ CVE-2021-38198 (arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.1
 	- linux 5.10.46-1
 	NOTE: https://git.kernel.org/linus/b1bd5cba3306691c771d558e94baa73e8b0b96b7
 CVE-2021-38197 (unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Director ...)
-	TODO: check
+	NOT-FOR-US: Go unarr
 CVE-2021-38196 (An issue was discovered in the better-macro crate through 2021-07-22 f ...)
-	TODO: check
+	NOT-FOR-US: Rust crate better macto
 CVE-2021-38195 (An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rus ...)
-	TODO: check
+	NOT-FOR-US: Rust crate libsecp256k1
 CVE-2021-38194 (An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rus ...)
-	TODO: check
+	NOT-FOR-US: Rust crate ark-r1cs-std
 CVE-2021-38192 (An issue was discovered in the prost-types crate before 0.8.0 for Rust ...)
-	TODO: check
+	NOT-FOR-US: Rust crate prost-types
 CVE-2021-38190 (An issue was discovered in the nalgebra crate before 0.27.1 for Rust.  ...)
-	TODO: check
+	NOT-FOR-US: Rust crate nalgebra
 CVE-2021-38189 (An issue was discovered in the lettre crate before 0.9.6 for Rust. In  ...)
-	TODO: check
+	NOT-FOR-US: Rust crate lettre
 CVE-2021-38188 (An issue was discovered in the iced-x86 crate through 1.10.3 for Rust. ...)
-	TODO: check
+	NOT-FOR-US: Rust crate iced-x86
 CVE-2021-38187 (An issue was discovered in the anymap crate through 0.12.1 for Rust. I ...)
 	TODO: check
 CVE-2021-38186 (An issue was discovered in the comrak crate before 0.10.1 for Rust. It ...)
-	TODO: check
+	NOT-FOR-US: Rust crate comrak
 CVE-2021-38185 (GNU cpio through 2.13 allows attackers to execute arbitrary code via a ...)
 	- cpio <unfixed>
 	NOTE: https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=dd96882877721703e19272fe25034560b794061b
@@ -281,87 +281,87 @@ CVE-2021-38174
 CVE-2021-3689
 	RESERVED
 CVE-2020-36472 (An issue was discovered in the max7301 crate before 0.2.0 for Rust. Th ...)
-	TODO: check
+	NOT-FOR-US: Rust crate max7301
 CVE-2020-36471 (An issue was discovered in the generator crate before 0.7.0 for Rust.  ...)
 	TODO: check
 CVE-2020-36470 (An issue was discovered in the disrustor crate through 2020-12-17 for  ...)
-	TODO: check
+	NOT-FOR-US: Rust crate disrustor
 CVE-2020-36469 (An issue was discovered in the appendix crate through 2020-11-15 for R ...)
-	TODO: check
+	NOT-FOR-US: Rust crate appendix
 CVE-2020-36468 (An issue was discovered in the cgc crate through 2020-12-10 for Rust.  ...)
-	TODO: check
+	NOT-FOR-US: Rust crate cgc
 CVE-2020-36467 (An issue was discovered in the cgc crate through 2020-12-10 for Rust.  ...)
-	TODO: check
+	NOT-FOR-US: Rust crate cgc
 CVE-2020-36466 (An issue was discovered in the cgc crate through 2020-12-10 for Rust.  ...)
-	TODO: check
+	NOT-FOR-US: Rust crate cgc
 CVE-2020-36465 (An issue was discovered in the generic-array crate before 0.13.3 for R ...)
 	TODO: check
 CVE-2020-36464 (An issue was discovered in the heapless crate before 0.6.1 for Rust. T ...)
-	TODO: check
+	NOT-FOR-US: Rust crate heapless
 CVE-2020-36463 (An issue was discovered in the multiqueue crate through 2020-12-25 for ...)
-	TODO: check
+	NOT-FOR-US: Rust crate multiqueue
 CVE-2020-36462 (An issue was discovered in the syncpool crate before 0.1.6 for Rust. T ...)
-	TODO: check
+	NOT-FOR-US: Rust crate syncpool
 CVE-2020-36461 (An issue was discovered in the noise_search crate through 2020-12-10 f ...)
-	TODO: check
+	NOT-FOR-US: Rust crate noise_search
 CVE-2020-36460 (An issue was discovered in the model crate through 2020-11-10 for Rust ...)
-	TODO: check
+	NOT-FOR-US: Rust crate model
 CVE-2020-36459 (An issue was discovered in the dces crate through 2020-12-09 for Rust. ...)
-	TODO: check
+	NOT-FOR-US: Rust crate dces
 CVE-2020-36458 (An issue was discovered in the lexer crate through 2020-11-10 for Rust ...)
-	TODO: check
+	NOT-FOR-US: Rust crate lexer
 CVE-2020-36457 (An issue was discovered in the lever crate before 0.1.1 for Rust. Atom ...)
-	TODO: check
+	NOT-FOR-US: Rust crate lever
 CVE-2020-36456 (An issue was discovered in the toolshed crate through 2020-11-15 for R ...)
-	TODO: check
+	NOT-FOR-US: Rust crate toolshed
 CVE-2020-36455 (An issue was discovered in the slock crate through 2020-11-17 for Rust ...)
-	TODO: check
+	NOT-FOR-US: Rust crate slock
 CVE-2020-36454 (An issue was discovered in the parc crate through 2020-11-14 for Rust. ...)
-	TODO: check
+	NOT-FOR-US: Rust crate parc
 CVE-2020-36453 (An issue was discovered in the scottqueue crate through 2020-11-15 for ...)
-	TODO: check
+	NOT-FOR-US: Rust crate scottqueue
 CVE-2020-36452 (An issue was discovered in the array-tools crate before 0.3.2 for Rust ...)
-	TODO: check
+	NOT-FOR-US: Rust crate array-tools
 CVE-2020-36451 (An issue was discovered in the rcu_cell crate through 2020-11-14 for R ...)
-	TODO: check
+	NOT-FOR-US: Rust crate rcu_cell
 CVE-2020-36450 (An issue was discovered in the bunch crate through 2020-11-12 for Rust ...)
-	TODO: check
+	NOT-FOR-US: Rust crate bunch
 CVE-2020-36449 (An issue was discovered in the kekbit crate before 0.3.4 for Rust. For ...)
-	TODO: check
+	NOT-FOR-US: Rust crate kekbit
 CVE-2020-36448 (An issue was discovered in the cache crate through 2020-11-24 for Rust ...)
-	TODO: check
+	NOT-FOR-US: Rust crate cache
 CVE-2020-36447 (An issue was discovered in the v9 crate through 2020-12-18 for Rust. T ...)
-	TODO: check
+	NOT-FOR-US: Rust crate v9
 CVE-2020-36446 (An issue was discovered in the signal-simple crate through 2020-11-15  ...)
-	TODO: check
+	NOT-FOR-US: Rust crate signal-simple
 CVE-2020-36445 (An issue was discovered in the convec crate through 2020-11-24 for Rus ...)
-	TODO: check
+	NOT-FOR-US: Rust crate convec
 CVE-2020-36444 (An issue was discovered in the async-coap crate through 2020-12-08 for ...)
-	TODO: check
+	NOT-FOR-US: Rust crate async-coap
 CVE-2020-36443 (An issue was discovered in the libp2p-deflate crate before 0.27.1 for  ...)
-	TODO: check
+	NOT-FOR-US: Rust crate libp2p-deflate
 CVE-2020-36442 (An issue was discovered in the beef crate before 0.5.0 for Rust. beef: ...)
-	TODO: check
+	NOT-FOR-US: Rust crate beef
 CVE-2020-36441 (An issue was discovered in the abox crate before 0.4.1 for Rust. It im ...)
-	TODO: check
+	NOT-FOR-US: Rust crate abox
 CVE-2020-36440 (An issue was discovered in the libsbc crate before 0.1.5 for Rust. For ...)
-	TODO: check
+	NOT-FOR-US: Rust crate libsbc
 CVE-2020-36439 (An issue was discovered in the ticketed_lock crate before 0.3.0 for Ru ...)
-	TODO: check
+	NOT-FOR-US: Rust crate ticketed_lock
 CVE-2020-36438 (An issue was discovered in the tiny_future crate before 0.4.0 for Rust ...)
-	TODO: check
+	NOT-FOR-US: Rust crate tiny_future
 CVE-2020-36437 (An issue was discovered in the conqueue crate before 0.4.0 for Rust. T ...)
-	TODO: check
+	NOT-FOR-US: Rust crate conqueue
 CVE-2020-36436 (An issue was discovered in the unicycle crate before 0.7.1 for Rust. P ...)
-	TODO: check
+	NOT-FOR-US: Rust crate unicycle
 CVE-2020-36435 (An issue was discovered in the ruspiro-singleton crate before 0.4.1 fo ...)
-	TODO: check
+	NOT-FOR-US: Rust crate ruspiro-singleton
 CVE-2020-36434 (An issue was discovered in the sys-info crate before 0.8.0 for Rust. s ...)
-	TODO: check
+	NOT-FOR-US: Rust crate sys-info
 CVE-2020-36433 (An issue was discovered in the chunky crate through 2020-08-25 for Rus ...)
-	TODO: check
+	NOT-FOR-US: Rust crate chunky
 CVE-2020-36432 (An issue was discovered in the alg_ds crate through 2020-08-25 for Rus ...)
-	TODO: check
+	NOT-FOR-US: Rust crate alg_ds
 CVE-2021-38173 (Btrbk before 0.31.2 allows command execution because of the mishandlin ...)
 	- btrbk 0.27.1-2
 	NOTE: Fixed by: https://github.com/digint/btrbk/commit/58212de771c381cd4fa05625927080bf264e9584 (v0.31.2)
@@ -1207,7 +1207,7 @@ CVE-2021-37790
 CVE-2021-37789
 	RESERVED
 CVE-2021-37788 (A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could all ...)
-	TODO: check
+	NOT-FOR-US: Gurock TestRail
 CVE-2021-37787
 	RESERVED
 CVE-2021-37786



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86a6428ee121484882a0c0f8c5dd052e5b3ce371

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86a6428ee121484882a0c0f8c5dd052e5b3ce371
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210809/639bbb32/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list