[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jan 23 10:48:13 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
701fab4b by Moritz Muehlenhoff at 2024-01-23T11:47:30+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,45 +15,45 @@ CVE-2024-23342 (The `ecdsa` PyPI package is a pure Python implementation of ECC
 	NOTE: https://github.com/tlsfuzzer/python-ecdsa/security/advisories/GHSA-wj6h-64fc-37mp
 	NOTE: https://minerva.crocs.fi.muni.cz/
 CVE-2024-23340 (@hono/node-server is an adapter that allows users to run Hono applicat ...)
-	TODO: check
+	NOT-FOR-US: Hono
 CVE-2024-23339 (hoolock is a suite of lightweight utilities designed to maintain a sma ...)
-	TODO: check
+	NOT-FOR-US: hoolock
 CVE-2024-23224 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23223 (A privacy issue was addressed with improved handling of files. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23222 (A type confusion issue was addressed with improved checks. This issue  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23219 (The issue was addressed with improved authentication. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23218 (A timing side-channel issue was addressed with improvements to constan ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23217 (A privacy issue was addressed with improved handling of temporary file ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23215 (An issue was addressed with improved handling of temporary files. This ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23214 (Multiple memory corruption issues were addressed with improved memory  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23213 (The issue was addressed with improved memory handling. This issue is f ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23212 (The issue was addressed with improved memory handling. This issue is f ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23211 (A privacy issue was addressed with improved handling of user preferenc ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23210 (This issue was addressed with improved redaction of sensitive informat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23209 (The issue was addressed with improved memory handling. This issue is f ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23208 (The issue was addressed with improved memory handling. This issue is f ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23207 (This issue was addressed with improved redaction of sensitive informat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23206 (An access issue was addressed with improved access restrictions. This  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23204 (The issue was addressed with additional permissions checks. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-23203 (The issue was addressed with additional permissions checks. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-22772 (Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 all ...)
 	NOT-FOR-US: Hitron Systems DVR LGUVR-8H
 CVE-2024-22771 (Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 all ...)
@@ -69,19 +69,19 @@ CVE-2024-0587 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for WordPre
 CVE-2023-47141 (IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11. ...)
 	NOT-FOR-US: IBM
 CVE-2023-42937 (A privacy issue was addressed with improved private data redaction for ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2023-42935 (An authentication issue was addressed with improved state management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2023-42915 (Multiple issues were addressed by updating to curl version 8.4.0. This ...)
-	TODO: check
+	NOT-FOR-US: Apple (bundling curl)
 CVE-2023-42888 (The issue was addressed with improved checks. This issue is fixed in i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2023-42887 (An access issue was addressed with additional sandbox restrictions. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2023-42881 (The issue was addressed with improved memory handling. This issue is f ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2023-40528 (This issue was addressed by removing the vulnerable code. This issue i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-22895 (DedeCMS 5.7.112 has a File Upload vulnerability via uploads/dede/modul ...)
 	NOT-FOR-US: DedeCMS
 CVE-2024-22233 (In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a us ...)
@@ -218,7 +218,7 @@ CVE-2016-15037 (A vulnerability, which was classified as problematic, has been f
 CVE-2023-7063 (The WPForms Pro plugin for WordPress is vulnerable to Stored Cross-Sit ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-23689 (Exposure of sensitive information in exceptions in ClichHouse's clickh ...)
-	TODO: check
+	NOT-FOR-US: clickhouse-r2dbc
 CVE-2024-23688 (Consensys Discovery versions less than 0.4.5 uses the same AES/GCM non ...)
 	NOT-FOR-US: Consensys Discovery
 CVE-2024-23687 (Hard-coded credentials in FOLIO mod-data-export-spring versions before ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/701fab4b069d369fa4be51ce74ec78e9ffe12b05

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/701fab4b069d369fa4be51ce74ec78e9ffe12b05
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240123/5e448c3d/attachment.htm>

More information about the debian-security-tracker-commits mailing list