[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 26 10:18:51 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
920ac05a by Salvatore Bonaccorso at 2021-10-26T11:18:29+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5096,15 +5096,15 @@ CVE-2021-41310
 CVE-2021-41309
 	RESERVED
 CVE-2021-41308 (Affected versions of Atlassian Jira Server and Data Center allow authe ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2021-41307 (Affected versions of Atlassian Jira Server and Data Center allow unaut ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2021-41306 (Affected versions of Atlassian Jira Server and Data Center allow anony ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2021-41305 (Affected versions of Atlassian Jira Server and Data Center allow anony ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2021-41304 (Affected versions of Atlassian Jira Server and Data Center allow anony ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2021-3812 (adminlte is vulnerable to Improper Neutralization of Input During Web  ...)
 	NOT-FOR-US: adminlte
 CVE-2021-3811 (adminlte is vulnerable to Improper Neutralization of Input During Web  ...)
@@ -12307,11 +12307,11 @@ CVE-2021-38262
 CVE-2021-38261
 	RESERVED
 CVE-2021-38260 (NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow  ...)
-	TODO: check
+	NOT-FOR-US: NXP MCUXpresso SDK
 CVE-2021-38259
 	RESERVED
 CVE-2021-38258 (NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow  ...)
-	TODO: check
+	NOT-FOR-US: NXP MCUXpresso SDK
 CVE-2021-38257
 	RESERVED
 CVE-2021-38256
@@ -66746,11 +66746,11 @@ CVE-2021-0665
 CVE-2021-0664
 	RESERVED
 CVE-2021-0663 (In audio DSP, there is a possible out of bounds write due to an incorr ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0662 (In audio DSP, there is a possible out of bounds write due to an incorr ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0661 (In audio DSP, there is a possible out of bounds write due to an incorr ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0660 (In ccu, there is a possible out of bounds read due to incorrect error  ...)
 	NOT-FOR-US: Mediatek
 CVE-2021-0659
@@ -66804,15 +66804,15 @@ CVE-2021-0636 (When extracting the incorrectly formatted avi file, the memory is
 CVE-2021-0635 (When extracting the incorrectly formatted flv file, the memory is dama ...)
 	NOT-FOR-US: UniSoc components for Android
 CVE-2021-0634 (In display driver, there is a possible memory corruption due to uninit ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0633 (In display driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0632 (In wifi driver, there is a possible out of bounds read due to a missin ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0631 (In wifi driver, there is a possible system crash due to a missing boun ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0630 (In wifi driver, there is a possible system crash due to a missing boun ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0629
 	RESERVED
 CVE-2021-0628 (In OMA DRM, there is a possible memory corruption due to improper inpu ...)
@@ -66822,7 +66822,7 @@ CVE-2021-0627 (In OMA DRM, there is a possible memory corruption due to an integ
 CVE-2021-0626 (In ged, there is a possible out of bounds write due to a missing bound ...)
 	NOT-FOR-US: Mediatek
 CVE-2021-0625 (In ccu, there is a possible memory corruption due to improper locking. ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0624
 	RESERVED
 CVE-2021-0623
@@ -66836,17 +66836,17 @@ CVE-2021-0620
 CVE-2021-0619
 	RESERVED
 CVE-2021-0618 (In ape extractor, there is a possible out of bounds read due to a heap ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0617 (In ape extractor, there is a possible out of bounds read due to a heap ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0616 (In ape extractor, there is a possible out of bounds read due to a heap ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0615 (In flv extractor, there is a possible out of bounds read due to an int ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0614 (In asf extractor, there is a possible out of bounds read due to an inc ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0613 (In asf extractor, there is a possible out of bounds read due to an inc ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0612 (In m4u, there is a possible memory corruption due to a use after free. ...)
 	NOT-FOR-US: Mediatek
 CVE-2021-0611 (In m4u, there is a possible memory corruption due to a use after free. ...)
@@ -67253,17 +67253,17 @@ CVE-2021-0416 (In memory management driver, there is a possible system crash due
 CVE-2021-0415 (In memory management driver, there is a possible information disclosur ...)
 	NOT-FOR-US: Mediatek
 CVE-2021-0414 (In flv extractor, there is a possible out of bounds read due to a heap ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0413 (In flv extractor, there is a possible out of bounds read due to a miss ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0412 (In flv extractor, there is a possible out of bounds read due to a miss ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0411 (In flv extractor, there is a possible out of bounds read due to an int ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0410 (In flv extractor, there is a possible out of bounds read due to an inc ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0409 (In flv extractor, there is a possible out of bounds read due to an inc ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2021-0408 (In asf extractor, there is a possible out of bounds read due to an inc ...)
 	NOT-FOR-US: Mediatek
 CVE-2021-0407 (In clk driver, there is a possible out of bounds write due to an incor ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/920ac05ac41bb1d49ed341e2df9bb7860febc524

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/920ac05ac41bb1d49ed341e2df9bb7860febc524
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211026/837665a9/attachment.htm>

More information about the debian-security-tracker-commits mailing list