[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Wed Jan 26 11:03:53 GMT 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f9962365 by Neil Williams at 2022-01-26T11:03:31+00:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -49931,7 +49931,7 @@ CVE-2021-30362
 CVE-2021-30361
 	RESERVED
 CVE-2021-30360 (Users have access to the directory where the installation repair occur ...)
-	TODO: check
+	NOT-FOR-US: Check Point
 CVE-2021-30359 (The Harmony Browse and the SandBlast Agent for Browsers installers mus ...)
 	NOT-FOR-US: Harmony Browse and the SandBlast Agent for Browsers installers
 CVE-2021-30358 (Mobile Access Portal Native Applications who's path is defined by the  ...)
@@ -49955,7 +49955,7 @@ CVE-2021-30350
 CVE-2021-30349
 	RESERVED
 CVE-2021-30348 (Improper validation of LLM utility timers availability can lead to den ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2021-30347
 	RESERVED
 CVE-2021-30346
@@ -49991,7 +49991,7 @@ CVE-2021-30332
 CVE-2021-30331
 	RESERVED
 CVE-2021-30330 (Possible null pointer dereference due to improper validation of APE cl ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2021-30329
 	RESERVED
 CVE-2021-30328
@@ -50025,7 +50025,7 @@ CVE-2021-30315 (Improper handling of sensor HAL structure in absence of sensor c
 CVE-2021-30314 (Lack of validation for third party application accessing the service c ...)
 	NOT-FOR-US: Qualcomm
 CVE-2021-30313 (Use after free condition can occur in wired connectivity due to a race ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2021-30312 (Improper authentication of sub-frames of a multicast AMSDU frame can l ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30311 (Possible heap overflow due to lack of index validation before allocati ...)
@@ -51851,7 +51851,7 @@ CVE-2021-29634
 CVE-2021-29633
 	RESERVED
 CVE-2021-29632 (In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD
 CVE-2021-29631 (In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before ...)
 	NOT-FOR-US: FreeBSD
 CVE-2021-29630 (In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before ...)
@@ -54247,7 +54247,7 @@ CVE-2021-28682 (An issue was discovered in Envoy through 1.71.1. There is a remo
 CVE-2021-28681 (Pion WebRTC before 3.0.15 didn't properly tear down the DTLS Connectio ...)
 	NOT-FOR-US: Pion WebRTC
 CVE-2021-28680 (The devise_masquerade gem before 1.3 allows certain attacks when a pas ...)
-	TODO: check
+	NOT-FOR-US: devise_masquerade
 CVE-2021-28679
 	RESERVED
 CVE-2021-28678 (An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImage ...)
@@ -59006,7 +59006,7 @@ CVE-2020-36241 (autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used
 	NOTE: https://gitlab.gnome.org/GNOME/gnome-autoar/-/commit/8109c368c6cfdb593faaf698c2bf5da32bb1ace4
 	NOTE: to not open CVE-2021-28650.
 CVE-2021-26706 (An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x an ...)
-	TODO: check
+	NOT-FOR-US: Micrium
 CVE-2021-26705 (An issue was discovered in SquareBox CatDV Server through 9.2. An atta ...)
 	NOT-FOR-US: SquareBox CatDV Server
 CVE-2021-26704 (EPrints 3.4.2 allows remote attackers to execute arbitrary commands vi ...)
@@ -59891,7 +59891,7 @@ CVE-2021-26342
 CVE-2021-26341
 	RESERVED
 CVE-2021-26340 (A malicious hypervisor in conjunction with an unprivileged attacker pr ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2021-26339
 	RESERVED
 CVE-2021-26338 (Improper access controls in System Management Unit (SMU) may allow for ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f9962365a056e2db977fba9e6c426d8061685b56

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f9962365a056e2db977fba9e6c426d8061685b56
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220126/ac1669d4/attachment.htm>

More information about the debian-security-tracker-commits mailing list