[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Feb 11 15:18:18 GMT 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
187995cc by Moritz Muehlenhoff at 2022-02-11T16:16:04+01:00
NFUs
jhead unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1609,6 +1609,7 @@ CVE-2022-24290
 	RESERVED
 CVE-2022-24289
 	RESERVED
+	NOT-FOR-US: Apache Cayenne
 CVE-2022-24288
 	RESERVED
 CVE-2022-24287
@@ -2294,6 +2295,7 @@ CVE-2022-0407 (Heap-based Buffer Overflow in Conda vim prior to 8.2. ...)
 	NOTE: https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e (v8.2.4219)
 CVE-2022-24112
 	RESERVED
+	NOT-FOR-US: Apache APISIX
 CVE-2022-0406
 	RESERVED
 CVE-2022-0405
@@ -14270,6 +14272,7 @@ CVE-2021-23198 (mySCADA myPRO: Versions 8.20.0 and prior has a feature where the
 	NOT-FOR-US: mySCADA myPRO
 CVE-2021-44521
 	RESERVED
+	- cassandra <itp> (bug #585905)
 CVE-2021-4046
 	RESERVED
 CVE-2021-4045
@@ -95172,10 +95175,11 @@ CVE-2020-26210 (In BookStack before version 0.30.4, a user with permissions to e
 CVE-2020-26209
 	RESERVED
 CVE-2020-26208 (JHEAD is a simple command line tool for displaying and some manipulati ...)
-	- jhead 1:3.04-6 (bug #972617)
+	- jhead 1:3.04-6 (bug #972617; unimportant)
 	NOTE: https://github.com/Matthias-Wandel/jhead/commit/5186ddcf9e35a7aa0ff0539489a930434a1325f4
 	NOTE: https://github.com/Matthias-Wandel/jhead/issues/7
 	NOTE: https://sources.debian.org/src/jhead/1%3A3.04-6/debian/patches/allocate-extra.patch/
+	NOTE: Crash in CLI tool, no security impact
 CVE-2020-26207 (DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary ...)
 	NOT-FOR-US: DatabaseSchemaViewer
 CVE-2020-26206



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/187995ccd216390ee506dcdae21cbb64cb08c30c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/187995ccd216390ee506dcdae21cbb64cb08c30c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220211/60b45c4b/attachment.htm>

More information about the debian-security-tracker-commits mailing list