[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Mon Feb 14 10:49:54 GMT 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5b8310b9 by Neil Williams at 2022-02-14T10:49:22+00:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10341,7 +10341,7 @@ CVE-2021-45762 (GPAC v1.1.0 was discovered to contain an invalid memory address
 	NOTE: https://github.com/gpac/gpac/issues/1978
 	NOTE: https://github.com/gpac/gpac/commit/6d647f6e458c9b727eae1a8077d27fa433ced788
 CVE-2021-45761 (ROPium v3.1 was discovered to contain an invalid memory address derefe ...)
-	TODO: check
+	NOT-FOR-US: ROPium
 CVE-2021-45760 (GPAC v1.1.0 was discovered to contain an invalid memory address derefe ...)
 	- gpac <unfixed>
 	NOTE: https://github.com/gpac/gpac/issues/1966
@@ -11729,7 +11729,7 @@ CVE-2021-45396
 CVE-2021-45395
 	RESERVED
 CVE-2021-45394 (An issue was discovered in Spipu HTML2PDF before 5.2.4. Attackers can  ...)
-	TODO: check
+	NOT-FOR-US: PHP HTML2PDF
 CVE-2021-45393
 	RESERVED
 CVE-2021-45392
@@ -16968,7 +16968,7 @@ CVE-2021-43842 (Wiki.js is a wiki app built on Node.js. Wiki.js versions 2.5.257
 CVE-2021-43841 (XWiki is a generic wiki platform offering runtime services for applica ...)
 	NOT-FOR-US: XWiki
 CVE-2021-43840 (message_bus is a messaging bus for Ruby processes and web clients. In  ...)
-	TODO: check
+	NOT-FOR-US: Discourse Message Bus middleware
 CVE-2021-43839 (Cronos is a commercial implementation of a blockchain. In Cronos nodes ...)
 	NOT-FOR-US: Cronos
 CVE-2021-43838 (jsx-slack is a library for building JSON objects for Slack Block Kit s ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b8310b92c82d096bc9e887b450c4c5ff6ae16e0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b8310b92c82d096bc9e887b450c4c5ff6ae16e0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220214/2b200dc3/attachment.htm>

More information about the debian-security-tracker-commits mailing list