[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Neil Williams (@codehelp)]

Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
75832def by Neil Williams at 2022-04-06T14:03:17+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2866,9 +2866,9 @@ CVE-2022-27611
 CVE-2022-27610
 	RESERVED
 CVE-2022-27609 (Forcepoint One Endpoint prior to version 22.01 installed on Microsoft  ...)
-	TODO: check
+	NOT-FOR-US: Forcepoint One Endpoint
 CVE-2022-27608 (Forcepoint One Endpoint prior to version 22.01 installed on Microsoft  ...)
-	TODO: check
+	NOT-FOR-US: Forcepoint One Endpoint
 CVE-2022-27607 (Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom ...)
 	NOT-FOR-US: Bento4
 CVE-2022-27606
@@ -6373,7 +6373,7 @@ CVE-2022-26283 (Simple Subscription Website v1.0 was discovered to contain a SQL
 CVE-2022-26282
 	RESERVED
 CVE-2022-26281 (BigAnt Server v5.6.06 was discovered to contain an incorrect access co ...)
-	TODO: check
+	NOT-FOR-US: BigAnt Server
 CVE-2022-26280 (Libarchive v3.6.0 was discovered to contain an out-of-bounds read via  ...)
 	- libarchive <unfixed> (bug #1008953)
 	[bullseye] - libarchive <no-dsa> (Minor issue)
@@ -10383,7 +10383,7 @@ CVE-2022-24803 (Asciidoctor-include-ext is Asciidoctor’s standard include
 	NOTE: https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155 (v0.4.0)
 	NOTE: https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee (v0.4.0)
 CVE-2022-24802 (deepmerge-ts is a typescript library providing functionality to deep m ...)
-	TODO: check
+	NOT-FOR-US: deepmerge-ts
 CVE-2022-24801 (Twisted is an event-based framework for internet applications, support ...)
 	- twisted <unfixed> (bug #1009030)
 	NOTE: https://github.com/twisted/twisted/security/advisories/GHSA-c2jg-hw38-jrqq
@@ -10396,13 +10396,13 @@ CVE-2022-24799
 CVE-2022-24798 (Internet Routing Registry daemon version 4 is an IRR database server,  ...)
 	NOT-FOR-US: Internet Routing Registry daemon (iird)
 CVE-2022-24797 (Pomerium is an identity-aware access proxy. In distributed service mod ...)
-	TODO: check
+	NOT-FOR-US: Pomerium
 CVE-2022-24796 (RaspberryMatic is a free and open-source operating system for running  ...)
 	NOT-FOR-US: RaspberryMatic
 CVE-2022-24795
 	RESERVED
 CVE-2022-24794 (Express OpenID Connect is an Express JS middleware implementing sign o ...)
-	TODO: check
+	NOT-FOR-US: Express OpenID Connect
 CVE-2022-24793
 	RESERVED
 CVE-2022-24792
@@ -10419,7 +10419,7 @@ CVE-2022-24789 (C1 CMS is an open-source, .NET based Content Management System (
 CVE-2022-24788
 	RESERVED
 CVE-2022-24787 (Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual M ...)
-	TODO: check
+	NOT-FOR-US: Vyper
 CVE-2022-24786
 	RESERVED
 CVE-2022-24785 (Moment.js is a JavaScript date library for parsing, validating, manipu ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75832def40dac08bf31f21aec5ed386865fc6817

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75832def40dac08bf31f21aec5ed386865fc6817
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220406/798ae3ac/attachment.htm>