[Git][security-tracker-team/security-tracker][master] auto-nfu: Add cna based rule for Qualcomm products
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Apr 7 21:47:44 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c070622f by Salvatore Bonaccorso at 2025-04-07T22:47:36+02:00
auto-nfu: Add cna based rule for Qualcomm products
In past Qualcomm CNA *did* assign some CVEs with relation to packages
(src:linux mainly), but since, with last CVE id CVE-2020-3702, the scope
is narrow to Qualcomm and Snapdragon issues only.
>From the CVEs known at this point in time thus:
Total CVEs from qualcomm: 3436
Total CVEs from qualcomm with packages assigned: 14
but the 14 ones were all ancient one before the more restrictive scope.
It seems safe to make CVEs from Qualcomm NFU entries.
- - - - -
1 changed file:
- data/packages/nfu.yaml
Changes:
=====================================
data/packages/nfu.yaml
=====================================
@@ -91,6 +91,8 @@
cna: PandoraFMS
- reason: QNAP
cna: qnap
+- reason: Qualcomm
+ cna: qualcomm
- reason: Rockwell Automation
cna: Rockwell
- reason: Samsung Mobile
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c070622ff581c2e7be171008fbcf3abb2d98adf5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c070622ff581c2e7be171008fbcf3abb2d98adf5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250407/6466725e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list