[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Mar 1 21:15:55 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c2d43a8 by Salvatore Bonaccorso at 2023-03-01T22:15:31+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3923,7 +3923,7 @@ CVE-2023-0873
 CVE-2023-25932
 	RESERVED
 CVE-2023-25931 (Medtronic identified that the Pelvic Health clinician apps, which are  ...)
-	TODO: check
+	NOT-FOR-US: Pelvic Health clinician apps
 CVE-2023-25930
 	RESERVED
 CVE-2023-25929
@@ -5273,7 +5273,7 @@ CVE-2023-25548
 CVE-2023-25547
 	RESERVED
 CVE-2023-25544 (Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' versi ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-25543
 	RESERVED
 CVE-2023-25542
@@ -6315,11 +6315,11 @@ CVE-2023-0660
 CVE-2023-0659 (A vulnerability was found in BDCOM 1704-WGL 2.0.6314. It has been clas ...)
 	NOT-FOR-US: BDCOM
 CVE-2022-4901 (Multiple stored XSS vulnerabilities in Sophos Connect versions older t ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2022-48310 (An information disclosure vulnerability allows sensitive key material  ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2022-48309 (A CSRF vulnerability allows malicious websites to retrieve logs and te ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2023-25139 (sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-o ...)
 	- glibc <not-affected> (Vulnerable code introduced in 2.37)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=30068
@@ -7919,7 +7919,7 @@ CVE-2023-24569 (Dell Alienware Command Center versions 5.5.37.0 and prior contai
 CVE-2023-24568
 	RESERVED
 CVE-2023-24567 (Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version di ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-24566 (A vulnerability has been identified in Solid Edge SE2022 (All versions ...)
 	NOT-FOR-US: Siemens
 CVE-2023-24565 (A vulnerability has been identified in Solid Edge SE2022 (All versions ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c2d43a897ab7b64bcc60514e2cba43ee5dd8f17

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c2d43a897ab7b64bcc60514e2cba43ee5dd8f17
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230301/fa812978/attachment.htm>


More information about the debian-security-tracker-commits mailing list