[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 29 10:06:42 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
79a9fcfa by Salvatore Bonaccorso at 2021-05-29T11:05:05+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -111,25 +111,25 @@ CVE-2020-36377
 CVE-2020-36376
 	RESERVED
 CVE-2020-36375 (Stack overflow vulnerability in parse_equality Cesanta MJS 1.20.1, all ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2020-36374 (Stack overflow vulnerability in parse_comparison Cesanta MJS 1.20.1, a ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2020-36373 (Stack overflow vulnerability in parse_shifts Cesanta MJS 1.20.1, allow ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2020-36372 (Stack overflow vulnerability in parse_plus_minus Cesanta MJS 1.20.1, a ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2020-36371 (Stack overflow vulnerability in parse_mul_div_rem Cesanta MJS 1.20.1,  ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2020-36370 (Stack overflow vulnerability in parse_unary Cesanta MJS 1.20.1, allows ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2020-36369 (Stack overflow vulnerability in parse_statement_list Cesanta MJS 1.20. ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2020-36368 (Stack overflow vulnerability in parse_statement Cesanta MJS 1.20.1, al ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2020-36367 (Stack overflow vulnerability in parse_block Cesanta MJS 1.20.1, allows ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2020-36366 (Stack overflow vulnerability in parse_value Cesanta MJS 1.20.1, allows ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2021-3569
 	RESERVED
 CVE-2021-3568
@@ -2535,11 +2535,11 @@ CVE-2021-32623
 CVE-2021-32622 (Matrix-React-SDK is a react-based SDK for inserting a Matrix chat/voip ...)
 	NOT-FOR-US: Matrix-React-SDK
 CVE-2021-32621 (### Impact A user without Script or Programming right is able to execu ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2021-32620 (### Impact A user disabled on a wiki using email verification for regi ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2021-32619 (Deno is a runtime for JavaScript and TypeScript that uses V8 and is bu ...)
-	TODO: check
+	NOT-FOR-US: Deno
 CVE-2021-32618 (The Python "Flask-Security-Too" package is used for adding security fe ...)
 	NOT-FOR-US: Flask-Security-Too
 CVE-2021-32617 (Exiv2 is a command-line utility and C++ library for reading, writing,  ...)
@@ -2550,7 +2550,7 @@ CVE-2021-32617 (Exiv2 is a command-line utility and C++ library for reading, wri
 	NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-w8mv-g8qq-36mj
 	NOTE: https://github.com/Exiv2/exiv2/pull/1657
 CVE-2021-32616 (1CDN is open-source file sharing software. In 1CDN before commit f88a2 ...)
-	TODO: check
+	NOT-FOR-US: 1CDN
 CVE-2021-3549 (An out of bounds flaw was found in GNU binutils objdump utility versio ...)
 	- binutils <unfixed> (unimportant)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=27294
@@ -47386,9 +47386,9 @@ CVE-2020-26644
 CVE-2020-26643
 	RESERVED
 CVE-2020-26642 (A cross-site scripting (XSS) vulnerability has been discovered in the  ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2020-26641 (A Cross Site Request Forgery (CSRF) vulnerability was discovered in iC ...)
-	TODO: check
+	NOT-FOR-US: iCMS
 CVE-2020-26640
 	RESERVED
 CVE-2020-26639
@@ -64985,7 +64985,7 @@ CVE-2020-18394
 CVE-2020-18393
 	RESERVED
 CVE-2020-18392 (Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows ...)
-	TODO: check
+	NOT-FOR-US: Cesanta MJS
 CVE-2020-18391
 	RESERVED
 CVE-2020-18390



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79a9fcfac2742633b0903f8421d62c68c4de952f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79a9fcfac2742633b0903f8421d62c68c4de952f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210529/5988e2f5/attachment.htm>


More information about the debian-security-tracker-commits mailing list