[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Nov 26 13:05:04 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a4bb1f4d by Salvatore Bonaccorso at 2023-11-26T14:04:22+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2023-47038 [Write past buffer end via illegal user-defined Unicode property]
 CVE-2023-46671
 	- kibana <itp> (bug #700337)
 CVE-2023-6293 (Prototype Pollution in GitHub repository robinbuschmann/sequelize-type ...)
-	TODO: check
+	NOT-FOR-US: sequelize-typescript
 CVE-2023-6277 (An out-of-memory flaw was found in libtiff. Passing a crafted tiff fil ...)
 	- tiff 4.5.1+git230720-2 (bug #1056751)
 	NOTE: https://gitlab.com/libtiff/libtiff/-/issues/614
@@ -34,13 +34,13 @@ CVE-2023-49298 (OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scena
 CVE-2023-48712 (Warpgate is an open source SSH, HTTPS and MySQL bastion host for Linux ...)
 	NOT-FOR-US: Warpgate
 CVE-2023-48711 (google-translate-api-browser is an npm package which interfaces with t ...)
-	TODO: check
+	NOT-FOR-US: google-translate-api-browser Node.js module
 CVE-2023-48708 (CodeIgniter Shield is an authentication and authorization provider for ...)
 	NOT-FOR-US: CodeIgniter Shield
 CVE-2023-48707 (CodeIgniter Shield is an authentication and authorization provider for ...)
 	NOT-FOR-US: CodeIgniter Shield
 CVE-2023-48312 (capsule-proxy is a reverse proxy for the capsule operator project. Aff ...)
-	TODO: check
+	NOT-FOR-US: capsule-proxy (reverse proxy for Capsule)
 CVE-2023-46575 (A SQL injection vulnerability in Meshery before 0.6.179 allows a remot ...)
 	NOT-FOR-US: Meshery
 CVE-2023-38914



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4bb1f4dd0cb309898fdf847564985ff77e643eb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4bb1f4dd0cb309898fdf847564985ff77e643eb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231126/50817504/attachment.htm>

More information about the debian-security-tracker-commits mailing list