[Git][security-tracker-team/security-tracker][master] Process some NFUs and mark CVE-2021-3382{7,8} as ownload <removed>

[Neil Williams (@codehelp)]

Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
57b57c44 by Neil Williams at 2022-01-27T10:39:06+00:00
Process some NFUs and mark CVE-2021-3382{7,8} as ownload <removed>

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31375,9 +31375,9 @@ CVE-2021-37943
 CVE-2021-37942
 	RESERVED
 CVE-2021-37941 (A local privilege escalation issue was found with the APM Java agent,  ...)
-	TODO: check
+	NOT-FOR-US: Elastic APM Java agent
 CVE-2021-37940 (An information disclosure via GET request server-side request forgery  ...)
-	TODO: check
+	NOT-FOR-US: Workplace Search GHES integration
 CVE-2021-37939 (It was discovered that Kibana’s JIRA connector & IBM Resilie ...)
 	NOT-FOR-US: IBM
 CVE-2021-37938 (It was discovered that on Windows operating systems specifically, Kiba ...)
@@ -34088,11 +34088,11 @@ CVE-2021-36783
 CVE-2021-36782
 	RESERVED
 CVE-2021-36781 (A Incorrect Default Permissions vulnerability in the parsec package of ...)
-	TODO: check
+	NOT-FOR-US: Parsec
 CVE-2021-36780 (A Improper Access Control vulnerability in longhorn of SUSE Longhorn a ...)
-	TODO: check
+	NOT-FOR-US: Longhorn
 CVE-2021-36779 (A Improper Access Control vulnerability inf SUSE Longhorn allows any w ...)
-	TODO: check
+	NOT-FOR-US: Longhorn
 CVE-2021-36778
 	RESERVED
 CVE-2021-36777
@@ -35610,7 +35610,7 @@ CVE-2021-36135
 CVE-2021-36134 (Out of bounds write vulnerability in the JPEG parsing code of Netop Vi ...)
 	NOT-FOR-US: McAfee
 CVE-2021-36133 (The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access ...)
-	TODO: check
+	NOT-FOR-US: OP-TEE
 CVE-2021-36132 (An issue was discovered in the FileImporter extension in MediaWiki thr ...)
 	NOT-FOR-US: FileImport MediaWiki extension
 	NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/M7MVMBYMLNIVLHCWL2KKZGH36HYN4YON/
@@ -41038,9 +41038,9 @@ CVE-2021-33829 (A cross-site scripting (XSS) vulnerability in the HTML Data Proc
 	NOTE: https://ckeditor.com/blog/ckeditor-4.16.1-with-accessibility-enhancements/#improvements-for-comments-in-html-parser
 	NOTE: https://github.com/ckeditor/ckeditor4/commit/3e426ce34f7fc7bf784624358831ef9e189bb6ed
 CVE-2021-33828 (The files_antivirus component before 1.0.0 for ownCloud mishandles the ...)
-	TODO: check
+	- owncloud <removed>
 CVE-2021-33827 (The files_antivirus component before 1.0.0 for ownCloud allows OS Comm ...)
-	TODO: check
+	- owncloud <removed>
 CVE-2021-33826
 	RESERVED
 CVE-2021-33825



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57b57c44fdba5a6d65db72fbe1369bad96dae2b8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57b57c44fdba5a6d65db72fbe1369bad96dae2b8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220127/b6ea2b0b/attachment.htm>