[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Jan 2 09:47:37 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bc1a7f2a by Salvatore Bonaccorso at 2021-01-02T10:47:14+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -223,21 +223,21 @@ CVE-2019-25009 (An issue was discovered in the http crate before 0.1.20 for Rust
 CVE-2019-25008 (An issue was discovered in the http crate before 0.1.20 for Rust. Head ...)
 	TODO: check
 CVE-2019-25007 (An issue was discovered in the streebog crate before 0.8.0 for Rust. T ...)
-	TODO: check
+	NOT-FOR-US: streebog rust crate
 CVE-2019-25006 (An issue was discovered in the streebog crate before 0.8.0 for Rust. T ...)
-	TODO: check
+	NOT-FOR-US: streebog rust crate
 CVE-2019-25005 (An issue was discovered in the chacha20 crate before 0.2.3 for Rust. A ...)
 	TODO: check
 CVE-2019-25004 (An issue was discovered in the flatbuffers crate before 0.6.1 for Rust ...)
-	TODO: check
+	NOT-FOR-US: flatbuffers rust crate
 CVE-2019-25003 (An issue was discovered in the libsecp256k1 crate before 0.3.1 for Rus ...)
-	TODO: check
+	NOT-FOR-US: libsecp256k1 rust crate
 CVE-2019-25002 (An issue was discovered in the sodiumoxide crate before 0.2.5 for Rust ...)
-	TODO: check
+	NOT-FOR-US: sodiumoxide rust crate
 CVE-2019-25001 (An issue was discovered in the serde_cbor crate before 0.10.2 for Rust ...)
 	TODO: check
 CVE-2018-25001 (An issue was discovered in the libpulse-binding crate before 2.5.0 for ...)
-	TODO: check
+	NOT-FOR-US: libpulse-binding rust crate
 CVE-2021-21493
 	RESERVED
 CVE-2021-21492
@@ -651,7 +651,7 @@ CVE-2020-35719
 CVE-2020-35718
 	RESERVED
 CVE-2020-35717 (zonote through 0.4.0 allows XSS via a crafted note, with resultant Rem ...)
-	TODO: check
+	NOT-FOR-US: zonote
 CVE-2020-35716 (Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attacker ...)
 	NOT-FOR-US: Belkin LINKSYS RE6500 devices
 CVE-2020-35715 (Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenti ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc1a7f2af72b4a9c3aca76ef4e1c6a01bd250293

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc1a7f2af72b4a9c3aca76ef4e1c6a01bd250293
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210102/5ac7b7ce/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list