[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 19 09:38:53 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b52d4c7b by Salvatore Bonaccorso at 2021-06-19T10:38:30+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4226,9 +4226,9 @@ CVE-2021-33187
 CVE-2021-3555
 	RESERVED
 CVE-2021-33186 (SerenityOS in test-crypto.cpp contains a stack buffer overflow which c ...)
-	TODO: check
+	NOT-FOR-US: SerenityOS
 CVE-2021-33185 (SerenityOS contains a buffer overflow in the set_range test in TestBit ...)
-	TODO: check
+	NOT-FOR-US: SerenityOS
 CVE-2021-33184 (Server-Side request forgery (SSRF) vulnerability in task management co ...)
 	NOT-FOR-US: Synology
 CVE-2021-33183 (Improper limitation of a pathname to a restricted directory ('Path Tra ...)
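
Review bot: The commit message "Process some NFUs" does not name the products being closed, and the two SerenityOS entries here (CVE-2021-33186, CVE-2021-33185) move from "TODO: check" to "NOT-FOR-US: SerenityOS" with no other record of the triage. Listing the products handled (SerenityOS, RIOT-OS, Contiki-NG) in the commit message would let the decision be found from the log without reading the diff.
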
@@ -7871,15 +7871,15 @@ CVE-2021-31666
 CVE-2021-31665
 	RESERVED
 CVE-2021-31664 (RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a ...)
-	TODO: check
+	NOT-FOR-US: RIOT RIOT-OS
 CVE-2021-31663 (RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 ...)
-	TODO: check
+	NOT-FOR-US: RIOT RIOT-OS
 CVE-2021-31662 (RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe ...)
-	TODO: check
+	NOT-FOR-US: RIOT RIOT-OS
 CVE-2021-31661 (RIOT-OS 2021.01 before commit 609c9ada34da5546cffb632a98b7ba157c112658 ...)
-	TODO: check
+	NOT-FOR-US: RIOT RIOT-OS
 CVE-2021-31660 (RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f ...)
-	TODO: check
+	NOT-FOR-US: RIOT RIOT-OS
 CVE-2021-31659 (TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is v ...)
 	NOT-FOR-US: TP-Link
 CVE-2021-31658 (TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is a ...)
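
Review bot: The label on the five entries CVE-2021-31664 through CVE-2021-31660 reads "RIOT RIOT-OS", while each description names the product "RIOT-OS" and the neighbouring NFU line uses a single name ("NOT-FOR-US: TP-Link"). If the doubled form is not a deliberate vendor-plus-product label, "NOT-FOR-US: RIOT-OS" would keep one spelling of the product throughout the list.
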
@@ -8814,7 +8814,7 @@ CVE-2021-31274
 CVE-2021-31273
 	RESERVED
 CVE-2021-31272 (SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c cont ...)
-	TODO: check
+	NOT-FOR-US: SerenityOS
 CVE-2021-31271
 	RESERVED
 CVE-2021-31270
@@ -33311,7 +33311,7 @@ CVE-2021-21412 (Potential for arbitrary code execution in npm package @thi.ng/eg
 CVE-2021-21411 (OAuth2-Proxy is an open source reverse proxy that provides authenticat ...)
 	- oauth2-proxy <itp> (bug #982891)
 CVE-2021-21410 (Contiki-NG is an open-source, cross-platform operating system for Next ...)
-	TODO: check
+	NOT-FOR-US: Contiki-NG
 CVE-2021-21409 (Netty is an open-source, asynchronous event-driven network application ...)
 	{DSA-4885-1}
 	- netty 1:4.1.48-4 (bug #986217)
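
Review bot: Marking CVE-2021-21410 as "NOT-FOR-US: Contiki-NG" assumes there is neither a package nor an open packaging bug for Contiki-NG; the entry directly above it (CVE-2021-21411) shows the "- oauth2-proxy <itp> (bug #982891)" form that applies when an ITP exists. It is worth confirming that no ITP or RFP is filed for Contiki-NG, since the same label is applied to the remaining Contiki-NG entries in the later hunks.
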
@@ -33679,13 +33679,13 @@ CVE-2021-21284 (In Docker before versions 9.03.15, 20.10.3 there is a vulnerabil
 CVE-2021-21283 (Flarum is an open source discussion platform for websites. The "Flarum ...)
 	NOT-FOR-US: Flarum
 CVE-2021-21282 (Contiki-NG is an open-source, cross-platform operating system for inte ...)
-	TODO: check
+	NOT-FOR-US: Contiki-NG
 CVE-2021-21281 (Contiki-NG is an open-source, cross-platform operating system for inte ...)
-	TODO: check
+	NOT-FOR-US: Contiki-NG
 CVE-2021-21280 (Contiki-NG is an open-source, cross-platform operating system for inte ...)
-	TODO: check
+	NOT-FOR-US: Contiki-NG
 CVE-2021-21279 (Contiki-NG is an open-source, cross-platform operating system for inte ...)
-	TODO: check
+	NOT-FOR-US: Contiki-NG
 CVE-2021-21278 (RSSHub is an open source, easy to use, and extensible RSS feed generat ...)
 	NOT-FOR-US: RSSHub
 CVE-2021-21277 (angular-expressions is "angular's nicest part extracted as a standalon ...)
@@ -33731,7 +33731,7 @@ CVE-2021-21258 (GLPI is an open-source asset and IT management software package
 	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-j4xj-4qmc-mmmx
 	NOTE: https://github.com/glpi-project/glpi/commit/e7802fc051696de1f76108ea8dc3bd4e2c880f15
 CVE-2021-21257 (Contiki-NG is an open-source, cross-platform operating system for inte ...)
-	TODO: check
+	NOT-FOR-US: Contiki-NG
 CVE-2021-21256
 	RESERVED
 CVE-2021-21255 (GLPI is an open-source asset and IT management software package that p ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b52d4c7b7c6c373177dba9642d92532da31175de
