[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Fri Sep 2 08:25:26 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
38ead3de by Neil Williams at 2022-09-02T08:24:48+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -117237,7 +117237,7 @@ CVE-2020-35994
 CVE-2020-35993
 	RESERVED
 CVE-2020-35992 (Fiserv Prologue through 2020-12-16 does not properly protect the datab ...)
-	TODO: check
+	NOT-FOR-US: Fiserv Prologue
 CVE-2020-35991
 	RESERVED
 CVE-2020-35990
@@ -129957,9 +129957,9 @@ CVE-2021-0949
 CVE-2021-0948
 	RESERVED
 CVE-2021-0947 (The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on th ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2021-0946 (The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameI ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2021-0945
 	RESERVED
 CVE-2021-0944
@@ -130098,7 +130098,7 @@ CVE-2021-0893 (In apusys, there is a possible memory corruption due to a use aft
 CVE-2021-0892
 	RESERVED
 CVE-2021-0891 (An unprivileged app can trigger PowerVR driver to return an uninitiali ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2021-0890
 	RESERVED
 CVE-2021-0889 (In Android TV , there is a possible silent pairing due to lack of rate ...)
@@ -130106,7 +130106,7 @@ CVE-2021-0889 (In Android TV , there is a possible silent pairing due to lack of
 CVE-2021-0888
 	RESERVED
 CVE-2021-0887 (In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kern ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2021-0886
 	RESERVED
 CVE-2021-0885
@@ -130487,7 +130487,7 @@ CVE-2021-0700
 CVE-2021-0699
 	RESERVED
 CVE-2021-0698 (In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2021-0697
 	RESERVED
 CVE-2021-0696
@@ -135525,7 +135525,7 @@ CVE-2020-26939 (In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before
 	NOTE: https://github.com/bcgit/bc-java/wiki/CVE-2020-26939
 	NOTE: https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1 (r1rv61)
 CVE-2020-26938 (In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of  ...)
-	TODO: check
+	NOT-FOR-US: node-oauth2-server
 CVE-2020-26937
 	RESERVED
 CVE-2020-26936 (Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF at ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38ead3de808430633e6ab208cf51d453477cd243

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38ead3de808430633e6ab208cf51d453477cd243
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220902/391ef71b/attachment.htm>

More information about the debian-security-tracker-commits mailing list