[Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Apr 21 21:35:06 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4241a49c by Salvatore Bonaccorso at 2022-04-21T22:34:14+02:00
Process some NFUs

- - - - -
ae773b56 by Salvatore Bonaccorso at 2022-04-21T22:34:31+02:00
Add CVE-2022-2486{7,8,9}/glpi

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1893,7 +1893,7 @@ CVE-2022-28822
 CVE-2022-28821
 	RESERVED
 CVE-2022-28820 (ACS Commons version 5.1.x (and earlier) suffers from a Reflected Cross ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-28819
 	RESERVED
 CVE-2022-28818
@@ -12831,7 +12831,7 @@ CVE-2022-24877
 CVE-2022-24876
 	RESERVED
 CVE-2022-24875 (The CVEProject/cve-services is an open source project used to operate  ...)
-	TODO: check
+	NOT-FOR-US: CVEProject cve-services
 CVE-2022-24874 (acs commons is an open source framework for AEM projects. ACS Commons  ...)
 	NOT-FOR-US: Adobe acs-aem-commons
 CVE-2022-24873
@@ -12841,13 +12841,16 @@ CVE-2022-24872 (Shopware is an open commerce platform based on Symfony Framework
 CVE-2022-24871 (Shopware is an open commerce platform based on Symfony Framework and V ...)
 	NOT-FOR-US: Shopware
 CVE-2022-24870 (Combodo iTop is a web based IT Service Management tool. In 3.0.0 beta  ...)
-	TODO: check
+	NOT-FOR-US: Combodo iTop
 CVE-2022-24869 (GLPI is a Free Asset and IT Management Software package, that provides ...)
-	TODO: check
+	- glpi <removed> (unimportant)
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2022-24868 (GLPI is a Free Asset and IT Management Software package, that provides ...)
-	TODO: check
+	- glpi <removed> (unimportant)
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2022-24867 (GLPI is a Free Asset and IT Management Software package, that provides ...)
-	TODO: check
+	- glpi <removed> (unimportant)
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2022-24866
 	RESERVED
 CVE-2022-24865 (HumHub is an Open Source Enterprise Social Network. In affected versio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3e1082f6a6af48823ea06309e0ffcde55df09c2d...ae773b564c1cdc5e6365e4131a7f468736ae9876

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3e1082f6a6af48823ea06309e0ffcde55df09c2d...ae773b564c1cdc5e6365e4131a7f468736ae9876
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220421/9b5de84f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list