[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso carnil at debian.org
Wed May 5 21:47:55 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
07014b5a by Salvatore Bonaccorso at 2021-05-05T22:47:31+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -119,7 +119,7 @@ CVE-2020-36336
 CVE-2020-36335
 	RESERVED
 CVE-2016-20010 (EWWW Image Optimizer before 2.8.5 allows remote command execution beca ...)
-	TODO: check
+	NOT-FOR-US: EWWW Image Optimizer
 CVE-2021-32055 (Mutt 1.11.0 through 2.0.x before 2.0.7 (and NeoMutt 2019-10-25 through ...)
 	- mutt <unfixed> (bug #988106)
 	[buster] - mutt <not-affected> (Vulnerable code introduced later)
@@ -6564,17 +6564,17 @@ CVE-2021-29252
 CVE-2021-29251 (BTCPay Server before 1.0.7.1 mishandles the policy setting in which us ...)
 	NOT-FOR-US: BTCPay Server
 CVE-2021-29250 (BTCPay Server through 1.0.7.0 suffers from a Stored Cross Site Scripti ...)
-	TODO: check
+	NOT-FOR-US: BTCPay Server
 CVE-2021-29249 (BTCPay Server before 1.0.6.0, when the payment button is used, has a p ...)
 	NOT-FOR-US: BTCPay Server
 CVE-2021-29248 (BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain  ...)
-	TODO: check
+	NOT-FOR-US: BTCPay Server
 CVE-2021-29247 (BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain  ...)
-	TODO: check
+	NOT-FOR-US: BTCPay Server
 CVE-2021-29246 (BTCPay Server through 1.0.7.0 suffers from directory traversal, which  ...)
-	TODO: check
+	NOT-FOR-US: BTCPay Server
 CVE-2021-29245 (BTCPay Server through 1.0.7.0 uses a weak method Next to produce pseud ...)
-	TODO: check
+	NOT-FOR-US: BTCPay Server
 CVE-2021-29244
 	RESERVED
 CVE-2021-29243



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07014b5a58926dec6ac0274d127b270c4250a450

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07014b5a58926dec6ac0274d127b270c4250a450
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210505/7444d9c3/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list