[Git][security-tracker-team/security-tracker][master] Process some NFUs & 1 removed pkg

Mon Nov 1 13:44:09 GMT 2021


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d02e70a4 by Neil Williams at 2021-11-01T13:43:50+00:00
Process some NFUs & 1 removed pkg

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -52188,9 +52188,9 @@ CVE-2021-22099
 CVE-2021-22098 (UAA server versions prior to 75.4.0 are vulnerable to an open redirect ...)
 	NOT-FOR-US: UAA server
 CVE-2021-22097 (In Spring AMQP versions 2.2.0 - 2.2.18 and 2.3.0 - 2.3.10, the Spring  ...)
-	TODO: check
+	NOT-FOR-US: Spring AMQP
 CVE-2021-22096 (In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older ...)
-	TODO: check
+	NOT-FOR-US: Spring Framework
 CVE-2021-22095
 	RESERVED
 CVE-2021-22094
@@ -52288,13 +52288,13 @@ CVE-2021-22049
 CVE-2021-22048
 	RESERVED
 CVE-2021-22047 (In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older  ...)
-	TODO: check
+	NOT-FOR-US: Spring Data REST
 CVE-2021-22046
 	RESERVED
 CVE-2021-22045
 	RESERVED
 CVE-2021-22044 (In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEA ...)
-	TODO: check
+	NOT-FOR-US: Spring Cloud OpenFeign
 CVE-2021-22043
 	RESERVED
 CVE-2021-22042
@@ -55400,7 +55400,7 @@ CVE-2021-21321 (fastify-reply-from is an npm package which is a fastify plugin t
 CVE-2021-21320 (matrix-react-sdk is an npm package which is a Matrix SDK for React Jav ...)
 	NOT-FOR-US: Node matrix-react-sdk
 CVE-2021-21319 (Galette is a membership management web application geared towards non  ...)
-	TODO: check
+	- galette <removed>
 CVE-2021-21318 (Opencast is a free, open-source platform to support the management of  ...)
 	NOT-FOR-US: Opencast
 CVE-2021-21317 (uap-core in an open-source npm package which contains the core of Brow ...)
@@ -56863,9 +56863,9 @@ CVE-2021-20841
 CVE-2021-20840
 	RESERVED
 CVE-2021-20839 (Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and e ...)
-	TODO: check
+	NOT-FOR-US: Office Server Document Converter
 CVE-2021-20838 (Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and e ...)
-	TODO: check
+	NOT-FOR-US: Office Server Document Converter
 CVE-2021-20837 (Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Typ ...)
 	- movabletype-opensource <removed>
 CVE-2021-20836 (Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0 ...)
@@ -65590,7 +65590,7 @@ CVE-2021-1119 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU
 CVE-2021-1118 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
 	NOT-FOR-US: NVIDIA
 CVE-2021-1117 (Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sy ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-1116 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the  ...)
 	NOT-FOR-US: NVIDIA GPU Display Driver for Windows
 CVE-2021-1115 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d02e70a487b6184ef246cc4c0b25348d4cb134ab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d02e70a487b6184ef246cc4c0b25348d4cb134ab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211101/b2074286/attachment.htm>
