[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu Jan 27 11:20:29 GMT 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9dbceff8 by Neil Williams at 2022-01-27T11:19:58+00:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15583,7 +15583,7 @@ CVE-2021-43400 (An issue was discovered in gatt-database.c in BlueZ 5.61. A use-
 	NOTE: Introduced by: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=93b64d9ca8a2bb663e37904d4b2c702c58a36e4f (5.40)
 	NOTE: Fixed by: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=838c0dc7641e1c991c0f3027bf94bee4606012f8 (5.62)
 CVE-2021-43399 (The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-s ...)
-	TODO: check
+	NOT-FOR-US: yubihsm-shell
 CVE-2021-43398 (** DISPUTED ** Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a ti ...)
 	- libcrypto++ <unfixed> (unimportant; bug #1000227)
 	NOTE: https://github.com/weidai11/cryptopp/issues/1080
@@ -15818,7 +15818,7 @@ CVE-2021-43300
 CVE-2021-43299
 	RESERVED
 CVE-2021-43298 (The code that performs password matching when using 'Basic' HTTP authe ...)
-	TODO: check
+	NOT-FOR-US: GoAhead Web Server
 CVE-2021-43297 (A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 a ...)
 	NOT-FOR-US: Apache Dubbo
 CVE-2021-3924 (grav is vulnerable to Improper Limitation of a Pathname to a Restricte ...)
@@ -17992,7 +17992,7 @@ CVE-2021-42812
 CVE-2021-42811
 	RESERVED
 CVE-2021-42810 (A flaw in the previous versions of the product may allow an authentica ...)
-	TODO: check
+	NOT-FOR-US: Thales SafeNet Agent
 CVE-2021-42809 (Improper Access Control of Dynamically-Managed Code Resources (DLL) in ...)
 	NOT-FOR-US: ThalesThales Sentinel Protection Installer
 CVE-2021-42808 (Improper Access Control in Thales Sentinel Protection Installer could  ...)
@@ -45573,7 +45573,7 @@ CVE-2021-32041
 CVE-2021-32040
 	RESERVED
 CVE-2021-32039 (Users with appropriate file access may be able to access unencrypted u ...)
-	TODO: check
+	NOT-FOR-US: MongoDB VSCode Extension
 CVE-2021-32038
 	RESERVED
 CVE-2021-32037 (An authorized user may trigger an invariant which may result in denial ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dbceff88559eb2cd613d997c1bc8bfbf77abdf3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dbceff88559eb2cd613d997c1bc8bfbf77abdf3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220127/55e8de47/attachment.htm>

More information about the debian-security-tracker-commits mailing list