[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Oct 22 08:42:47 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bb07a697 by Salvatore Bonaccorso at 2022-10-22T09:42:22+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1335,19 +1335,19 @@ CVE-2022-43040 (GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain
 CVE-2022-43039 (GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segm ...)
 	TODO: check
 CVE-2022-43038 (Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-43037 (An issue was discovered in Bento4 1.6.0-639. There is a memory leak in ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-43036
 	RESERVED
 CVE-2022-43035 (An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-o ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-43034 (An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer o ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-43033 (An issue was discovered in Bento4 1.6.0-639. There is a bad free in th ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-43032 (An issue was discovered in Bento4 v1.6.0-639. There is a memory leak i ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-43031
 	RESERVED
 CVE-2022-43030
@@ -1365,25 +1365,25 @@ CVE-2022-43025 (Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered t
 CVE-2022-43024 (Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to cont ...)
 	NOT-FOR-US: Tenda
 CVE-2022-43023 (OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: OpenCATS
 CVE-2022-43022 (OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: OpenCATS
 CVE-2022-43021 (OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: OpenCATS
 CVE-2022-43020 (OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: OpenCATS
 CVE-2022-43019 (OpenCATS v0.9.6 was discovered to contain a remote code execution (RCE ...)
-	TODO: check
+	NOT-FOR-US: OpenCATS
 CVE-2022-43018 (OpenCATS v0.9.6 was discovered to contain a reflected cross-site scrip ...)
-	TODO: check
+	NOT-FOR-US: OpenCATS
 CVE-2022-43017 (OpenCATS v0.9.6 was discovered to contain a reflected cross-site scrip ...)
-	TODO: check
+	NOT-FOR-US: OpenCATS
 CVE-2022-43016 (OpenCATS v0.9.6 was discovered to contain a reflected cross-site scrip ...)
-	TODO: check
+	NOT-FOR-US: OpenCATS
 CVE-2022-43015 (OpenCATS v0.9.6 was discovered to contain a reflected cross-site scrip ...)
-	TODO: check
+	NOT-FOR-US: OpenCATS
 CVE-2022-43014 (OpenCATS v0.9.6 was discovered to contain a reflected cross-site scrip ...)
-	TODO: check
+	NOT-FOR-US: OpenCATS
 CVE-2022-43013
 	RESERVED
 CVE-2022-43012
@@ -154919,7 +154919,7 @@ CVE-2020-23650
 CVE-2020-23649
 	RESERVED
 CVE-2020-23648 (Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulne ...)
-	TODO: check
+	NOT-FOR-US: Asus
 CVE-2020-23647
 	RESERVED
 CVE-2020-23646
@@ -200740,7 +200740,7 @@ CVE-2020-5357 (Dell Dock Firmware Update Utilities for Dell Client Consumer and
 CVE-2020-5356 (Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell  ...)
 	NOT-FOR-US: Dell
 CVE-2020-5355 (The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improper ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2020-5354
 	RESERVED
 CVE-2020-5353 (The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerSca ...)
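
Review bot: CVE-2020-5353 in the trailing context is also a Dell Isilon OneFS issue, but its annotation line falls outside this hunk. Worth confirming it already carries NOT-FOR-US: Dell, like CVE-2020-5356 above and the new line on CVE-2020-5355, so the OneFS entries in this range end up consistent.
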
@@ -466755,7 +466755,7 @@ CVE-2013-4282 (Stack-based buffer overflow in the reds_handle_ticket function in
 	- spice 0.12.4-0nocelt2 (bug #728314)
 	NOTE: http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2
 CVE-2013-4281 (In Red Hat Openshift 1, weak default permissions are applied to the /e ...)
-	TODO: check
+	NOT-FOR-US: OpenShift
 CVE-2013-4280 (Insecure temporary file vulnerability in RedHat vsdm 4.9.6. ...)
 	- vdsm <itp> (bug #668538)
 CVE-2013-4279 (imapsync 1.564 and earlier performs a release check by default, which  ...)
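
Review bot: On CVE-2013-4281, NOT-FOR-US: OpenShift should only be used if no packaging bug is open for it. The next entry, CVE-2013-4280, shows the alternative form, `- vdsm <itp> (bug #668538)`, for software that is not in the archive but has an ITP. Please confirm there is no ITP/RFP for OpenShift before closing this as NFU.
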
@@ -466840,7 +466840,7 @@ CVE-2013-4254 (The validate_event function in arch/arm/kernel/perf_event.c in th
 	[wheezy] - linux 3.2.51-1
 	- linux-2.6 <not-affected> (No perf support on arm)
 CVE-2013-4253 (The deployment script in the unsupported "OpenShift Extras" set of add ...)
-	TODO: check
+	NOT-FOR-US: OpenShift
 CVE-2013-4252
 	REJECTED
 CVE-2013-4251 (The scipy.weave component in SciPy before 0.12.1 creates insecure temp ...)
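
Review bot: On CVE-2013-4253 the label is broader than what the description names. The flaw is in the deployment script of the "OpenShift Extras" add-on set, which the description itself calls unsupported. Consider `NOT-FOR-US: OpenShift Extras` so this entry can be told apart from the core OpenShift issue in CVE-2013-4281 when searching the list.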



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb07a697267099f36bdad218b9bfb3767c2364b8
