[Git][security-tracker-team/security-tracker][master] new kopano issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0545036b by Moritz Muehlenhoff at 2022-04-01T23:11:26+02:00
new kopano issue
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1660,7 +1660,7 @@ CVE-2022-27774
 CVE-2022-27773
 	RESERVED
 CVE-2022-27772 (** UNSUPPORTED WHEN ASSIGNED ** spring-boot versions prior to version  ...)
-	TODO: check
+	NOT-FOR-US: Spring Boot
 CVE-2022-27771
 	RESERVED
 CVE-2022-27770
@@ -3523,7 +3523,7 @@ CVE-2022-27054
 CVE-2022-27053
 	RESERVED
 CVE-2022-27052 (FreeFtpd version 1.0.13 and below contains an unquoted service path vu ...)
-	TODO: check
+	NOT-FOR-US: FreeFtpd
 CVE-2022-27051
 	RESERVED
 CVE-2022-27050 (BitComet Service for Windows before version 1.8.6 contains an unquoted ...)
@@ -4718,7 +4718,7 @@ CVE-2022-26564
 CVE-2022-26563
 	RESERVED
 CVE-2022-26562 (An issue in provider/libserver/ECKrbAuth.cpp of Kopano-Core v11.0.2.51 ...)
-	TODO: check
+	- kopanocore <unfixed>
 CVE-2022-26561
 	RESERVED
 CVE-2022-26560
@@ -5487,7 +5487,7 @@ CVE-2022-26298
 CVE-2022-26297
 	RESERVED
 CVE-2022-26296 (BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was di ...)
-	TODO: check
+	NOT-FOR-US: BOOM CPU
 CVE-2022-26295 (A stored cross-site scripting (XSS) vulnerability in /ptms/?page=user  ...)
 	NOT-FOR-US: Online Project Time Management System
 CVE-2022-26294
@@ -6551,7 +6551,7 @@ CVE-2022-24909
 CVE-2022-24441
 	RESERVED
 CVE-2022-24440 (The package cocoapods-downloader before 1.6.0, from 1.6.2 and before 1 ...)
-	TODO: check
+	NOT-FOR-US: cocoapods-downloader
 CVE-2022-24439
 	RESERVED
 CVE-2022-24438
@@ -6617,7 +6617,7 @@ CVE-2022-21802
 CVE-2022-21797
 	RESERVED
 CVE-2022-21235 (The package github.com/masterminds/vcs before 1.13.3 are vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: github.com/masterminds/vcs
 CVE-2022-21232
 	RESERVED
 CVE-2022-21231
@@ -6627,7 +6627,7 @@ CVE-2022-21230
 CVE-2022-21227
 	RESERVED
 CVE-2022-21223 (The package cocoapods-downloader before 1.6.2 are vulnerable to Comman ...)
-	TODO: check
+	NOT-FOR-US: cocoapods-downloader
 CVE-2022-21222
 	RESERVED
 CVE-2022-21221 (The package github.com/valyala/fasthttp before 1.34.0 are vulnerable t ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0545036bf4a08bed6be9f1c9f49a0a3fa16f970c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0545036bf4a08bed6be9f1c9f49a0a3fa16f970c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220401/9f40faac/attachment.htm>