[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Sep 27 08:33:36 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fa240d0b by Moritz Muehlenhoff at 2021-09-27T09:33:13+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2021-41616
 	RESERVED
 CVE-2021-3830 (btcpayserver is vulnerable to Improper Neutralization of Input During  ...)
-	TODO: check
+	NOT-FOR-US: btcpayserver
 CVE-2021-41617 (sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default c ...)
 	- openssh <unfixed> (bug #995130)
 	[bullseye] - openssh <no-dsa> (Minor issue)
@@ -5437,7 +5437,7 @@ CVE-2021-39247 (Zint Barcode Generator before 2.10.0 has a one-byte buffer over-
 	NOTE: https://sourceforge.net/p/zint/tickets/232/
 	NOTE: Introduced in https://sourceforge.net/p/zint/code/ci/6274140c73aa39c42271644ef8c9b4551ca06fc2/
 CVE-2021-39246 (Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlatio ...)
-	TODO: check
+	NOT-FOR-US: Tor Browser
 CVE-2021-3716 [NBD_OPT_STRUCTURED_REPLY injection on STARTTLS]
 	RESERVED
 	- nbdkit 1.26.5-1
@@ -45136,9 +45136,9 @@ CVE-2021-22871 (Revive Adserver before 5.1.0 permits any user with a manager acc
 CVE-2021-22870
 	RESERVED
 CVE-2021-22869 (An improper access control vulnerability in GitHub Enterprise Server a ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2021-22868 (A path traversal vulnerability was identified in GitHub Enterprise Ser ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2021-22867 (A path traversal vulnerability was identified in GitHub Enterprise Ser ...)
 	NOT-FOR-US: GitHub Enterprise Server
 CVE-2021-22866 (A UI misrepresentation vulnerability was identified in GitHub Enterpri ...)
@@ -54876,7 +54876,7 @@ CVE-2021-2466
 CVE-2021-2465
 	RESERVED
 CVE-2021-2464 (Vulnerability in Oracle Linux (component: OSwatcher). Supported versio ...)
-	TODO: check
+	NOT-FOR-US: Oracle Linux
 CVE-2021-2463 (Vulnerability in the Oracle Commerce Platform product of Oracle Commer ...)
 	NOT-FOR-US: Oracle
 CVE-2021-2462 (Vulnerability in the Oracle Commerce Service Center product of Oracle  ...)
@@ -74852,7 +74852,7 @@ CVE-2020-23471
 CVE-2020-23470
 	RESERVED
 CVE-2020-23469 (gmate v0.12+bionic contains a regular expression denial of service (Re ...)
-	TODO: check
+	NOT-FOR-US: gmate
 CVE-2020-23468
 	RESERVED
 CVE-2020-23467



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa240d0ba1120498fbe31a74ff895bc05050a5ab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa240d0ba1120498fbe31a74ff895bc05050a5ab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210927/4a786287/attachment.htm>

More information about the debian-security-tracker-commits mailing list