[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 24 21:01:14 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4692dfa9 by Salvatore Bonaccorso at 2021-06-24T22:00:48+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3039,15 +3039,15 @@ CVE-2021-34073
 CVE-2021-34072
 	RESERVED
 CVE-2021-34071 (Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause ...)
-	TODO: check
+	NOT-FOR-US: tsMuxer
 CVE-2021-34070 (Out-of-bounds Read in tsMuxer 2.6.16 allows attackers to cause a Denia ...)
-	TODO: check
+	NOT-FOR-US: tsMuxer
 CVE-2021-34069 (Divide-by-zero bug in tsMuxer 2.6.16 allows attackers to cause a Denia ...)
-	TODO: check
+	NOT-FOR-US: tsMuxer
 CVE-2021-34068 (Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause ...)
-	TODO: check
+	NOT-FOR-US: tsMuxer
 CVE-2021-34067 (Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause ...)
-	TODO: check
+	NOT-FOR-US: tsMuxer
 CVE-2021-34066
 	RESERVED
 CVE-2021-34065
@@ -13806,7 +13806,7 @@ CVE-2021-29622 (Prometheus is an open-source monitoring system and time series d
 CVE-2021-29621 (Flask-AppBuilder is a development framework, built on top of Flask. Us ...)
 	NOT-FOR-US: Flask-AppBuilder
 CVE-2021-29620 (Report portal is an open source reporting and analysis framework. Star ...)
-	TODO: check
+	NOT-FOR-US: Report portal
 CVE-2021-29619 (TensorFlow is an end-to-end open source platform for machine learning. ...)
 	- tensorflow <itp> (bug #804612)
 CVE-2021-29618 (TensorFlow is an end-to-end open source platform for machine learning. ...)
@@ -15813,7 +15813,7 @@ CVE-2021-28802
 CVE-2021-28801 (An out-of-bounds read vulnerability has been reported to affect certai ...)
 	NOT-FOR-US: QNAP
 CVE-2021-28800 (A command injection vulnerability has been reported to affect QNAP NAS ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2021-28799 (An improper authorization vulnerability has been reported to affect QN ...)
 	NOT-FOR-US: QNAP
 CVE-2021-28798 (A relative path traversal vulnerability has been reported to affect QN ...)
@@ -38289,7 +38289,7 @@ CVE-2021-20021 (A vulnerability in the SonicWall Email Security version 10.0.9.x
 CVE-2021-20020 (A command execution vulnerability in SonicWall GMS 9.3 allows a remote ...)
 	NOT-FOR-US: SonicWall
 CVE-2021-20019 (A vulnerability in SonicOS where the HTTP server response leaks partia ...)
-	TODO: check
+	NOT-FOR-US: SonicOS
 CVE-2021-20018 (A post-authenticated vulnerability in SonicWall SMA100 allows an attac ...)
 	NOT-FOR-US: SonicWall
 CVE-2021-20017 (A post-authenticated command injection vulnerability in SonicWall SMA1 ...)
@@ -68795,7 +68795,7 @@ CVE-2020-18662
 CVE-2020-18661
 	RESERVED
 CVE-2020-18660 (GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php  ...)
-	TODO: check
+	NOT-FOR-US: GetSimpleCMS
 CVE-2020-18659 (Cross Site Scripting vulnerability in GetSimpleCMS <=3.3.15 via the ...)
 	NOT-FOR-US: GetSimpleCMS
 CVE-2020-18658 (Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS <=3.3.15  ...)
@@ -422291,13 +422291,13 @@ CVE-2010-1436 (gfs2 in the Linux kernel 2.6.18, and possibly other versions, doe
 	- linux-2.6 2.6.32-25
 	[lenny] - linux-2.6 2.6.26-23
 CVE-2010-1435 (Joomla! Core is prone to a security bypass vulnerability. Exploiting t ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1434 (Joomla! Core is prone to a session fixation vulnerability. An attacker ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1433 (Joomla! Core is prone to a vulnerability that lets attackers upload ar ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1432 (Joomla! Core is prone to an information disclosure vulnerability. Atta ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1430
 	REJECTED
 CVE-2010-1429 (Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4692dfa997fa25ac7236bc34674eb175e6046d75

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4692dfa997fa25ac7236bc34674eb175e6046d75
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210624/19dea128/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list