[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
11261db8 by Moritz Muehlenhoff at 2021-09-20T10:33:08+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -261,7 +261,7 @@ CVE-2021-41394 (Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and
 CVE-2021-41393 (Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x b ...)
 	NOT-FOR-US: Teleport
 CVE-2021-41392 (static/main-preload.js in Boost Note through 0.22.0 allows remote comm ...)
-	TODO: check
+	NOT-FOR-US: BoostNote
 CVE-2021-41391 (In Ericsson ECM before 18.0, it was observed that Security Management  ...)
 	NOT-FOR-US: Ericsson ECM
 CVE-2021-41390 (In Ericsson ECM before 18.0, it was observed that Security Provider En ...)
@@ -288,7 +288,7 @@ CVE-2021-41381
 CVE-2021-3816
 	RESERVED
 CVE-2021-41380 (RealVNC Viewer 6.21.406 allows remote VNC servers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: RealVNC
 CVE-2021-41379
 	RESERVED
 CVE-2021-41378
@@ -5178,9 +5178,9 @@ CVE-2021-39230
 CVE-2021-39229
 	RESERVED
 CVE-2021-39228 (Tremor is an event processing system for unstructured data. A vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Tremor event processing (different from Vorbis Tremor)
 CVE-2021-39227 (ZRender is a lightweight graphic library providing 2d draw for Apache  ...)
-	TODO: check
+	NOT-FOR-US: ZRender
 CVE-2021-39226
 	RESERVED
 CVE-2021-39225
@@ -5196,13 +5196,13 @@ CVE-2021-39221
 CVE-2021-39220
 	RESERVED
 CVE-2021-39219 (Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtim ...)
-	TODO: check
+	NOT-FOR-US: wasmtime
 CVE-2021-39218 (Wasmtime is an open source runtime for WebAssembly & WASI. In Wasm ...)
-	TODO: check
+	NOT-FOR-US: wasmtime
 CVE-2021-39217
 	RESERVED
 CVE-2021-39216 (Wasmtime is an open source runtime for WebAssembly & WASI. In Wasm ...)
-	TODO: check
+	NOT-FOR-US: wasmtime
 CVE-2021-39215 (Jitsi Meet is an open source video conferencing application. In versio ...)
 	- jitsi-meet <itp> (bug #760485)
 CVE-2021-39214 (mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mi ...)
@@ -43285,9 +43285,9 @@ CVE-2021-23444
 CVE-2021-23443
 	RESERVED
 CVE-2021-23442 (This affects all versions of package @cookiex/deep. The global proto o ...)
-	TODO: check
+	NOT-FOR-US: Node @cookiex/deep
 CVE-2021-23441 (All versions of package com.jsoniter:jsoniter are vulnerable to Deseri ...)
-	TODO: check
+	NOT-FOR-US: com.jsoniter:jsoniter
 CVE-2021-23440 (This affects the package set-value before 4.0.1. A type confusion vuln ...)
 	- node-set-value 3.0.1-3 (bug #994448)
 	[bullseye] - node-set-value <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11261db8447b9e5328a648e9e0de3bd3fc0626dd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11261db8447b9e5328a648e9e0de3bd3fc0626dd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210920/1d91932d/attachment.htm>