[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 11 20:55:37 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
73584f5b by Salvatore Bonaccorso at 2022-01-11T21:54:55+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1444,7 +1444,7 @@ CVE-2021-46141 (An issue was discovered in uriparser before 0.9.6. It performs i
 CVE-2022-22678
 	RESERVED
 CVE-2022-0129 (Uncontrolled search path element vulnerability in McAfee TechCheck pri ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2022-0128 (vim is vulnerable to Out-of-bounds Read ...)
 	- vim <unfixed>
 	[bullseye] - vim <not-affected> (Vulnerable code introduced later)
@@ -4330,7 +4330,7 @@ CVE-2021-4158 [NULL pointer dereference in pci_write() in hw/acpi/pcihp.c]
 CVE-2021-45461 (FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 1 ...)
 	NOT-FOR-US: FreePBX
 CVE-2021-45460 (A vulnerability has been identified in SICAM PQ Analyzer (All versions ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2021-4157 [pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()]
 	RESERVED
 	- linux 5.10.38-1
@@ -6331,9 +6331,9 @@ CVE-2021-45036
 CVE-2021-45035
 	RESERVED
 CVE-2021-45034 (A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2021-45033 (A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2021-45032
 	RESERVED
 CVE-2021-45031
@@ -9532,19 +9532,19 @@ CVE-2022-21673
 CVE-2022-21672 (make-ca is a utility to deliver and manage a complete PKI configuratio ...)
 	TODO: check
 CVE-2022-21671 (@replit/crosis is a JavaScript client that speaks Replit's container p ...)
-	TODO: check
+	NOT-FOR-US: crosis
 CVE-2022-21670 (markdown-it is a Markdown parser. Prior to version 1.3.2, special patt ...)
 	- node-markdown-it <unfixed>
 	NOTE: https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c
 	NOTE: https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101 (12.3.2)
 CVE-2022-21669 (PuddingBot is a group management bot. In version 0.0.6-b933652 and pri ...)
-	TODO: check
+	NOT-FOR-US: PuddingBot
 CVE-2022-21668 (pipenv is a Python development workflow tool. Starting with version 20 ...)
 	TODO: check
 CVE-2022-21667 (soketi is an open-source WebSockets server. There is an unhandled case ...)
 	NOT-FOR-US: soketi
 CVE-2022-21666 (Useful Simple Open-Source CMS (USOC) is a content management system (C ...)
-	TODO: check
+	NOT-FOR-US: Useful Simple Open-Source CMS (USOC)
 CVE-2022-21665
 	RESERVED
 CVE-2022-21664 (WordPress is a free and open-source content management system written  ...)
@@ -12125,7 +12125,7 @@ CVE-2021-43299
 CVE-2021-43298
 	RESERVED
 CVE-2021-43297 (A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 a ...)
-	TODO: check
+	NOT-FOR-US: Apache Dubbo
 CVE-2021-3924 (grav is vulnerable to Improper Limitation of a Pathname to a Restricte ...)
 	NOT-FOR-US: Grav CMS
 CVE-2021-23222
@@ -18058,7 +18058,7 @@ CVE-2021-41770 (Ping Identity PingFederate before 10.3.1 mishandles pre-parsing
 CVE-2021-3838
 	RESERVED
 CVE-2021-41769 (A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU v ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2021-41768
 	RESERVED
 CVE-2021-41767
@@ -29202,13 +29202,13 @@ CVE-2021-37200 (A vulnerability has been identified in SINEC NMS (All versions &
 CVE-2021-37199 (A vulnerability has been identified in SINUMERIK 808D (All versions),  ...)
 	NOT-FOR-US: Siemens
 CVE-2021-37198 (A vulnerability has been identified in COMOS (All versions < V10.4. ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2021-37197 (A vulnerability has been identified in COMOS (All versions < V10.4. ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2021-37196 (A vulnerability has been identified in COMOS (All versions < V10.4. ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2021-37195 (A vulnerability has been identified in COMOS (All versions < V10.4. ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2021-37194
 	RESERVED
 CVE-2021-37193 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73584f5bad1e963878d5c79acfcb33c16bab1fb7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73584f5bad1e963878d5c79acfcb33c16bab1fb7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220111/7b5f15bf/attachment.htm>

More information about the debian-security-tracker-commits mailing list