[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Feb 3 17:01:59 GMT 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8c78225c by Moritz Muehlenhoff at 2021-02-03T18:01:42+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -721,13 +721,13 @@ CVE-2021-3336 (DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does
 	- wolfssl <unfixed>
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/3676
 CVE-2021-26308 (An issue was discovered in the marc crate before 2.0.0 for Rust. A use ...)
-	TODO: check
+	NOT-FOR-US: Rust marc
 CVE-2021-26307 (An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust.  ...)
-	TODO: check
+	NOT-FOR-US: Rust raw-cpuid
 CVE-2021-26306 (An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust.  ...)
-	TODO: check
+	NOT-FOR-US: Rust raw-cpuid
 CVE-2021-26305 (An issue was discovered in Deserializer::read_vec in the cdr crate bef ...)
-	TODO: check
+	NOT-FOR-US: Rust Deserializer::read_vec
 CVE-2021-26304 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XS ...)
 	NOT-FOR-US: PHPGurukul Daily Expense Tracker System
 CVE-2021-26303 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XS ...)
@@ -1664,7 +1664,7 @@ CVE-2021-25914
 CVE-2021-25913
 	RESERVED
 CVE-2021-25912 (Prototype pollution vulnerability in 'dotty' versions 0.0.1 through 0. ...)
-	TODO: check
+	NOT-FOR-US: Node dotty
 CVE-2018-25003
 	RESERVED
 CVE-2021-25911
@@ -7444,7 +7444,7 @@ CVE-2021-23332
 CVE-2021-23331
 	RESERVED
 CVE-2021-23330 (All versions of package launchpad are vulnerable to Command Injection  ...)
-	TODO: check
+	NOT-FOR-US: Node launchpad
 CVE-2021-23329 (The package nested-object-assign before 1.0.4 are vulnerable to Protot ...)
 	TODO: check
 CVE-2021-23328 (This affects all versions of package iniparserjs. This vulnerability r ...)
@@ -7562,7 +7562,7 @@ CVE-2021-23273
 CVE-2021-23272 (The Application Development Clients component of TIBCO Software Inc.'s ...)
 	NOT-FOR-US: TIBCO
 CVE-2021-23271 (The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX  ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2021-3113 (Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote attackers  ...)
 	NOT-FOR-US: Netsia SEBA+
 CVE-2021-23270



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c78225c10f82a5cc7c3d8cecfea5ea094842712

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c78225c10f82a5cc7c3d8cecfea5ea094842712
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210203/480fc686/attachment.html>

More information about the debian-security-tracker-commits mailing list