[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jun 11 09:13:06 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8cdb6bc7 by Moritz Muehlenhoff at 2021-06-11T10:12:54+02:00
NFUs
two n/a for SuSE packaging issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2204,7 +2204,7 @@ CVE-2021-33670
 CVE-2021-33669 (Under certain conditions, SAP Mobile SDK Certificate Provider allows a ...)
 	NOT-FOR-US: SAP
 CVE-2021-33668 (Due to improper input sanitization, specially crafted LDAP queries can ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-33667
 	RESERVED
 CVE-2021-33666 (When SAP Commerce Cloud version 100, hosts a JavaScript storefront, it ...)
@@ -2896,7 +2896,7 @@ CVE-2021-33361
 CVE-2021-33360
 	RESERVED
 CVE-2021-33359 (A vulnerability exists in gowitness < 2.3.6 that allows an unauthen ...)
-	TODO: check
+	NOT-FOR-US: gowitness
 CVE-2021-33358 (Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interfac ...)
 	NOT-FOR-US: RaspAP
 CVE-2021-33357 (A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET param ...)
@@ -4420,9 +4420,9 @@ CVE-2021-32676
 CVE-2021-32675
 	RESERVED
 CVE-2021-32674 (Zope is an open-source web application server. This advisory extends t ...)
-	TODO: check
+	NOT-FOR-US: Zope
 CVE-2021-32673 (reg-keygen-git-hash-plugin is a reg-suit plugin to detect the snapshot ...)
-	TODO: check
+	NOT-FOR-US: reg-keygen-git-hash-plugin
 CVE-2021-32672
 	RESERVED
 CVE-2021-32671 (Flarum is a forum software for building communities. Flarum's translat ...)
@@ -4452,7 +4452,7 @@ CVE-2021-32660 (Backstage is an open platform for building developer portals, an
 CVE-2021-32659
 	RESERVED
 CVE-2021-32658 (Nextcloud Android is the Android client for the Nextcloud open source  ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud client for Android
 CVE-2021-32657 (Nextcloud Server is a Nextcloud package that handles data storage. In  ...)
 	- nextcloud-server <itp> (bug #941708)
 CVE-2021-32656 (Nextcloud Server is a Nextcloud package that handles data storage. A v ...)
@@ -5683,7 +5683,7 @@ CVE-2021-32108
 CVE-2021-32107
 	RESERVED
 CVE-2021-32106 (In ICEcoder 8.0 allows, a reflected XSS vulnerability was identified i ...)
-	TODO: check
+	NOT-FOR-US: ICEcoder
 CVE-2021-32105
 	RESERVED
 CVE-2021-32104 (A SQL injection vulnerability exists (with user privileges) in interfa ...)
@@ -6054,9 +6054,9 @@ CVE-2021-32000
 CVE-2021-31999
 	RESERVED
 CVE-2021-31998 (A Incorrect Default Permissions vulnerability in the packaging of inn  ...)
-	TODO: check
+	- inn2 <not-affected> (SuSE-specific packaging issue)
 CVE-2021-31997 (a UNIX Symbolic Link (Symlink) Following vulnerability in python-posto ...)
-	TODO: check
+	- postorius <not-affected> (SuSE-specific packaging issue)
 CVE-2021-31996 (An issue was discovered in the algorithmica crate through 2021-03-07 f ...)
 	NOT-FOR-US: Rust crate algorithmica
 CVE-2021-3529 (A flaw was found in noobaa-core in versions before 5.7.0. This flaw re ...)
@@ -6086,7 +6086,7 @@ CVE-2021-31985 (Microsoft Defender Remote Code Execution Vulnerability ...)
 CVE-2021-31984
 	RESERVED
 CVE-2021-31983 (Paint 3D Remote Code Execution Vulnerability This CVE ID is unique fro ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-31982
 	RESERVED
 CVE-2021-31981
@@ -6118,7 +6118,7 @@ CVE-2021-31969 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vu
 CVE-2021-31968 (Windows Remote Desktop Services Denial of Service Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-31967 (VP9 Video Extensions Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-31966 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-31965 (Microsoft SharePoint Server Information Disclosure Vulnerability ...)
@@ -6128,7 +6128,7 @@ CVE-2021-31964 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID i
 CVE-2021-31963 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-31962 (Kerberos AppContainer Security Feature Bypass Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-31961
 	RESERVED
 CVE-2021-31960 (Windows Bind Filter Driver Information Disclosure Vulnerability ...)
@@ -7222,7 +7222,7 @@ CVE-2021-31540 (Wowza Streaming Engine through 4.8.5 (in a default installation)
 CVE-2021-31539 (Wowza Streaming Engine before 4.8.8.01 (in a default installation) has ...)
 	NOT-FOR-US: Wowza Streaming Engine
 CVE-2021-31538 (LANCOM R&S Unified Firewall (UF) devices running LCOS FX 10.5 allo ...)
-	TODO: check
+	NOT-FOR-US: LANCOM
 CVE-2021-31537 (SIS SIS-REWE Go before 7.7 SP17 allows XSS: rewe/prod/web/index.php (a ...)
 	NOT-FOR-US: SIS-REWE Go
 CVE-2021-31536
@@ -10029,7 +10029,7 @@ CVE-2021-30359
 CVE-2021-30358
 	RESERVED
 CVE-2021-30357 (SSL Network Extender Client for Linux before build 800008302 reveals p ...)
-	TODO: check
+	NOT-FOR-US: SSL Network Extender Client
 CVE-2021-30356 (A denial of service vulnerability was reported in Check Point Identity ...)
 	NOT-FOR-US: Check Point Identity Agent
 CVE-2021-30355
@@ -15039,7 +15039,7 @@ CVE-2021-28295 (Online Ordering System 1.0 is vulnerable to unauthenticated SQL
 CVE-2021-28294 (Online Ordering System 1.0 is vulnerable to arbitrary file upload thro ...)
 	NOT-FOR-US: Online Ordering System
 CVE-2021-28293 (Seceon aiSIEM before 6.3.2 (build 585) is prone to an unauthenticated  ...)
-	TODO: check
+	NOT-FOR-US: Seceon aiSIEM
 CVE-2021-28292
 	RESERVED
 CVE-2021-28291
@@ -17225,7 +17225,7 @@ CVE-2021-27392 (A vulnerability has been identified in Siveillance Video Open Ne
 CVE-2021-27391
 	RESERVED
 CVE-2021-27390 (A vulnerability has been identified in JT2Go (All versions < V13.1. ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2021-27389 (A vulnerability has been identified in Opcenter Quality (All versions  ...)
 	NOT-FOR-US: Opcenter Quality
 CVE-2021-27388



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cdb6bc7d6ee7715739cae03ad9c730587a8db2f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cdb6bc7d6ee7715739cae03ad9c730587a8db2f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210611/fd5f688b/attachment.htm>

More information about the debian-security-tracker-commits mailing list