[Git][security-tracker-team/security-tracker][master] mark CVE-2022-39052 as NFU, znuny diverged a lot from OTRS 6.0 and the upstream

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ce13d6eb by Moritz Muehlenhoff at 2022-11-25T15:25:10+01:00
mark CVE-2022-39052 as NFU, znuny diverged a lot from OTRS 6.0 and the upstream
fixed several bugs which could be the one described by OTRS, but in the end noone
will know for sure and it doesn't make sense to keep it open indefinitely

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20505,7 +20505,9 @@ CVE-2022-39054 (Cowell enterprise travel management system has insufficient filt
 CVE-2022-39053 (Heimavista Rpage has insufficient filtering for platform web URL. An u ...)
 	NOT-FOR-US: Heimavista Rpage
 CVE-2022-39052 (An external attacker is able to send a specially crafted email (with m ...)
-	- znuny <undetermined> (bug #1024560)
+	NOT-FOR-US: OTRS
+	NOTE: Could possibly affect Znuny, we'll let their security team figure it out
+	NOTE: Was also tracked as #1024560
 CVE-2022-39051 (Attacker might be able to execute malicious Perl code in the Template  ...)
 	NOT-FOR-US: OTRS
 	NOTE: Could possibly affect Znuny, we'll let their security team figure it out



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce13d6eb9d745646a59f30c1f2c277156eff3d53

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce13d6eb9d745646a59f30c1f2c277156eff3d53
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221125/4fb3d670/attachment.htm>