[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jul 13 15:19:09 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1d645196 by Moritz Muehlenhoff at 2021-07-13T16:18:47+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -706,7 +706,7 @@ CVE-2021-36385
 CVE-2021-36384
 	RESERVED
 CVE-2021-36383 (Xen Orchestra (with xo-web through 5.80.0 and xo-server through 5.84.0 ...)
-	TODO: check
+	NOT-FOR-US: Xen Orchestra
 CVE-2021-36382 (Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows  ...)
 	NOT-FOR-US: Devolutions Server
 CVE-2021-36381 (In Edifecs Transaction Management through 2021-07-12, an unauthenticat ...)
@@ -8925,7 +8925,7 @@ CVE-2021-32756
 CVE-2021-32755
 	RESERVED
 CVE-2021-32754 (FlowDroid is a data flow analysis tool. FlowDroid versions prior to 2. ...)
-	TODO: check
+	NOT-FOR-US: FlowDroid
 CVE-2021-32753 (EdgeX Foundry is an open source project for building a common open fra ...)
 	NOT-FOR-US: EdgeX Foundry
 CVE-2021-32752 (Ether Logs is a package that allows one to check one's logs in the Cra ...)
@@ -8951,7 +8951,7 @@ CVE-2021-32743
 CVE-2021-32742 (Vapor is a web framework for Swift. In versions 4.47.1 and prior, bug  ...)
 	NOT-FOR-US: Vapor
 CVE-2021-32741 (Nextcloud Server is a Nextcloud package that handles data storage. In  ...)
-	TODO: check
+	- nextcloud-server <itp> (bug #941708)
 CVE-2021-32740 (Addressable is an alternative implementation to the URI implementation ...)
 	- ruby-addressable 2.7.0-2 (bug #990791)
 	NOTE: https://github.com/sporkmonger/addressable/security/advisories/GHSA-jxhc-q857-3j6g
@@ -8967,9 +8967,9 @@ CVE-2021-32736 (think-helper defines a set of helper functions for ThinkJS. In v
 CVE-2021-32735 (Kirby is a content management system. In Kirby CMS versions 3.5.5 and  ...)
 	NOT-FOR-US: Kirby
 CVE-2021-32734 (Nextcloud Server is a Nextcloud package that handles data storage. In  ...)
-	TODO: check
+	- nextcloud-server <itp> (bug #941708)
 CVE-2021-32733 (Nextcloud Text is a collaborative document editing application that us ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Text
 CVE-2021-32732
 	RESERVED
 CVE-2021-32731 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
@@ -8981,11 +8981,11 @@ CVE-2021-32729 (XWiki Platform is a generic wiki platform offering runtime servi
 CVE-2021-32728
 	RESERVED
 CVE-2021-32727 (Nextcloud Android Client is the Android client for Nextcloud. Clients  ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Android Client
 CVE-2021-32726 (Nextcloud Server is a Nextcloud package that handles data storage. In  ...)
-	TODO: check
+	- nextcloud-server <itp> (bug #941708)
 CVE-2021-32725 (Nextcloud Server is a Nextcloud package that handles data storage. In  ...)
-	TODO: check
+	- nextcloud-server <itp> (bug #941708)
 CVE-2021-32724
 	RESERVED
 CVE-2021-32723 (Prism is a syntax highlighting library. Some languages before 1.24.0 a ...)
@@ -9029,7 +9029,7 @@ CVE-2021-32709 (Shopware is an open source eCommerce platform. Creation of order
 CVE-2021-32708 (Flysystem is an open source file storage library for PHP. The whitespa ...)
 	NOT-FOR-US: Flysystem
 CVE-2021-32707 (Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6 ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Mail
 CVE-2021-32706
 	RESERVED
 CVE-2021-32705 (Nextcloud Server is a Nextcloud package that handles data storage. In  ...)
@@ -9068,7 +9068,7 @@ CVE-2021-32691 (Apollos Apps is an open source platform for launching church-rel
 CVE-2021-32690 (Helm is a tool for managing Charts (packages of pre-configured Kuberne ...)
 	- helm-kubernetes <itp> (bug #910799)
 CVE-2021-32689 (Nextcloud Talk is a fully on-premises audio/video and chat communicati ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Talk
 CVE-2021-32688 (Nextcloud Server is a Nextcloud package that handles data storage. Nex ...)
 	TODO: check
 CVE-2021-32687



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d645196d857de4c9ecac499a01c7938b0013557

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d645196d857de4c9ecac499a01c7938b0013557
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210713/d467222e/attachment.htm>

More information about the debian-security-tracker-commits mailing list