[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Feb 14 22:37:41 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b9c26799 by Moritz Muehlenhoff at 2024-02-14T23:37:11+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46,9 +46,9 @@ CVE-2024-25165 (A global-buffer-overflow vulnerability was found in SWFTools v0.
 	- swftools <removed>
 	NOTE: https://github.com/matthiaskramm/swftools/issues/217
 CVE-2024-24990 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC mod ...)
-	TODO: check
+	NOT-FOR-US: Quic module for Nginx
 CVE-2024-24989 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC mod ...)
-	TODO: check
+	NOT-FOR-US: Quic module for Nginx
 CVE-2024-24966 (When LDAP remote authentication is configured on F5OS, a remote user w ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2024-24775 (When a virtual server is enabled with VLAN group and SNAT listener is  ...)
@@ -120,7 +120,7 @@ CVE-2023-6408 (CWE-924: Improper Enforcement of Message Integrity During Transmi
 CVE-2023-5123 (The JSON datasource plugin ( https://grafana.com/grafana/plugins/marcu ...)
 	NOT-FOR-US: Grafana plugin
 CVE-2023-5122 (Grafana is an open-source platform for monitoring and observability. T ...)
-	- grafana <removed>
+	NOT-FOR-US: Grafana plugin
 CVE-2023-52399
 	REJECTED
 CVE-2023-52398
@@ -210,7 +210,7 @@ CVE-2023-41252 (Out-of-bounds read in some Intel(R) QAT software drivers for Win
 CVE-2023-41231 (Incorrect default permissions in some ACAT software maintained by Inte ...)
 	NOT-FOR-US: Intel
 CVE-2023-41091 (Uncontrolled search path for some Intel(R) MPI Library Software before ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2023-41090 (Race condition in some Intel(R) MAS software before version 2.3 may al ...)
 	NOT-FOR-US: Intel
 CVE-2023-40161 (Improper access control in some Intel Unite(R) Client software before  ...)
@@ -304,13 +304,13 @@ CVE-2023-32618 (Uncontrolled search path in some Intel(R) oneAPI Toolkit and com
 CVE-2023-32280 (Insufficiently protected credentials in some Intel(R) Server Product O ...)
 	NOT-FOR-US: Intel
 CVE-2023-31271 (Improper access control in some Intel(R) VROC software before version  ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2023-31189 (Improper authentication in some Intel(R) Server Product OpenBMC firmwa ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2023-30767 (Improper buffer restrictions in Intel(R) Optimization for TensorFlow b ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2023-29153 (Uncontrolled resource consumption for some Intel(R) SPS firmware befor ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2023-28720 (Improper initialization for some Intel(R) PROSet/Wireless and Intel(R) ...)
 	- firmware-nonfree <unfixed>
 	[bookworm] - firmware-nonfree <no-dsa> (Non-free not supported)
@@ -641,9 +641,9 @@ CVE-2023-45207 (An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.
 CVE-2023-45206 (An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and ...)
 	NOT-FOR-US: Zimbra
 CVE-2023-31347 (Due to a code bug in Secure_TSC, SEV firmware may allow an attacker wi ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2023-31346 (Failure to initialize memory in SEV Firmware may allow a privileged at ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2023-4408 (The DNS message parsing code in `named` includes a section whose compu ...)
 	{DSA-5621-1}
 	- bind9 1:9.19.21-1
@@ -792,7 +792,7 @@ CVE-2024-22024 (An XML external entity or XXE vulnerability in the SAML componen
 CVE-2024-21491 (Versions of the package svix before 1.17.0 are vulnerable to Authentic ...)
 	TODO: check
 CVE-2024-1439 (Inadequate access control in Moodle LMS. This vulnerability could allo ...)
-	TODO: check
+	- moodle <removed>
 CVE-2024-1420
 	REJECTED
 CVE-2024-0566 (The Smart Manager WordPress plugin before 8.28.0 does not properly san ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9c267996b29224747c6227644ab5b5c1ab69d94

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9c267996b29224747c6227644ab5b5c1ab69d94
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240214/8580bc25/attachment.htm>

More information about the debian-security-tracker-commits mailing list