[Git][security-tracker-team/security-tracker][master] Process NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu Sep 16 09:29:02 BST 2021 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bc8255af by Neil Williams at 2021-09-16T09:28:44+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5914,7 +5914,7 @@ CVE-2021-38663
 CVE-2021-38662
 	RESERVED
 CVE-2021-38661 (HEVC Video Extensions Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-38660 (Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-38659 (Microsoft Office Remote Code Execution Vulnerability ...)
@@ -26103,7 +26103,7 @@ CVE-2021-30292
 CVE-2021-30291
 	RESERVED
 CVE-2021-30290 (Possible null pointer dereference due to race condition between timeli ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2021-30289
 	RESERVED
 CVE-2021-30288
@@ -26572,7 +26572,7 @@ CVE-2021-30139 (In Alpine Linux apk-tools before 2.12.5, the tarball parser allo
 CVE-2021-30138
 	REJECTED
 CVE-2021-30137 (Assyst 10 SP7.5 has authenticated XXE leading to SSRF via XML unmarsha ...)
-	TODO: check
+	NOT-FOR-US: Axios Assyst
 CVE-2021-30136
 	RESERVED
 CVE-2021-30135
@@ -29693,7 +29693,7 @@ CVE-2021-28902 (In function read_yin_container() in libyang <= v1.0.225, it d
 	[buster] - libyang <no-dsa> (Minor issue)
 	NOTE: https://github.com/CESNET/libyang/issues/1454
 CVE-2021-28901 (Multiple cross-site scripting (XSS) vulnerabilities exist in SITA Soft ...)
-	TODO: check
+	NOT-FOR-US: Sita Software Azur CMS.
 CVE-2021-28900
 	RESERVED
 CVE-2021-28899 (Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileS ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc8255af769603231bbcf58abd615804599d821d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc8255af769603231bbcf58abd615804599d821d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210916/92dc0784/attachment.htm>

More information about the debian-security-tracker-commits mailing list