[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Mon May 23 11:05:40 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aeaf4251 by Neil Williams at 2022-05-23T11:02:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5774,11 +5774,11 @@ CVE-2022-29190 (Pion DTLS is a Go implementation of Datagram Transport Layer Sec
 CVE-2022-29189 (Pion DTLS is a Go implementation of Datagram Transport Layer Security. ...)
 	TODO: check
 CVE-2022-29188 (Smokescreen is an HTTP proxy. The primary use case for Smokescreen is  ...)
-	TODO: check
+	NOT-FOR-US: Smokescreen
 CVE-2022-29187
 	RESERVED
 CVE-2022-29186 (Rundeck is an open source automation service with a web console, comma ...)
-	TODO: check
+	NOT-FOR-US: Rundeck
 CVE-2022-29185 (totp-rs is a Rust library that permits the creation of 2FA authentific ...)
 	TODO: check
 CVE-2022-29184 (GoCD is a continuous delivery server. In GoCD versions prior to 22.1.0 ...)
@@ -5840,7 +5840,7 @@ CVE-2022-29162 (runc is a CLI tool for spawning and running containers on Linux
 CVE-2022-29161 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
 	NOT-FOR-US: XWiki
 CVE-2022-29160 (Nextcloud Android is the Android client for Nextcloud, a self-hosted p ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Android app
 CVE-2022-29159 (Nextcloud Deck is a Kanban-style project & personal management too ...)
 	NOT-FOR-US: Nextcloud Deck
 CVE-2022-29158
@@ -7268,7 +7268,7 @@ CVE-2022-1237 (Improper Validation of Array Index in GitHub repository radareorg
 CVE-2022-1236 (Weak Password Requirements in GitHub repository weseek/growi prior to  ...)
 	NOT-FOR-US: GROWI
 CVE-2022-28660 (The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x b ...)
-	TODO: check
+	NOT-FOR-US: Grafana Enterprise Logs
 CVE-2022-28659
 	RESERVED
 CVE-2022-28658
@@ -17021,7 +17021,7 @@ CVE-2022-25226 (ThinVNC version 1.0b1 allows an unauthenticated user to bypass t
 CVE-2022-25225 (Network Olympus version 1.8.0 allows an authenticated admin user to in ...)
 	NOT-FOR-US: Network Olympus
 CVE-2022-25224 (Proton v0.2.0 allows an attacker to create a malicious link inside a m ...)
-	TODO: check
+	NOT-FOR-US: steventhanna/proton
 CVE-2022-25223 (Money Transfer Management System Version 1.0 allows an authenticated u ...)
 	NOT-FOR-US: Money Transfer Management System
 CVE-2022-25222 (Money Transfer Management System Version 1.0 allows an unauthenticated ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aeaf425195fdf419423ae89273143645448137e2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aeaf425195fdf419423ae89273143645448137e2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220523/960a3719/attachment.htm>

More information about the debian-security-tracker-commits mailing list