[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add rule for Google devices (Pixel)

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ee0e0b96 by Moritz Muehlenhoff at 2025-03-11T11:56:07+01:00
auto-nfu: Add rule for Google devices (Pixel)

- - - - -
a6173024 by Moritz Muehlenhoff at 2025-03-11T11:56:07+01:00
NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -119,9 +119,9 @@ CVE-2025-0062 (SAP BusinessObjects Business Intelligence Platform allows an atta
 CVE-2024-58102 (An issue was discovered in Datalust Seq before 2024.3.13545. An insecu ...)
 	NOT-FOR-US: Datalust Seq
 CVE-2024-56192 (In wl_notify_gscan_event of wl_cfgscan.c, there is a possible out of b ...)
-	TODO: check
+	NOT-FOR-US: Google devices
 CVE-2024-56191 (In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP ...)
-	TODO: check
+	NOT-FOR-US: Google devices
 CVE-2024-49823 (IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow ...)
 	NOT-FOR-US: IBM
 CVE-2024-41760 (IBM Common Cryptographic Architecture 7.0.0 through 7.5.51   could all ...)
@@ -248,15 +248,15 @@ CVE-2025-1296 (Nomad Community and Nomad Enterprise (\u201cNomad\u201d) are vuln
 CVE-2024-57492 (An issue in redoxOS relibc before commit 98aa4ea5 allows a local attac ...)
 	TODO: check
 CVE-2024-56188 (there is a possible way to crash the modem due to a missing null check ...)
-	TODO: check
+	NOT-FOR-US: Google devices
 CVE-2024-56187 (In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrar ...)
-	TODO: check
+	NOT-FOR-US: Google devices
 CVE-2024-56186 (In closeChannel of secureelementimpl.cpp, there is a possible out of b ...)
-	TODO: check
+	NOT-FOR-US: Google devices
 CVE-2024-56185 (In ProtocolUnsolOnSSAdapter::GetServiceClass() of protocolcalladapter. ...)
-	TODO: check
+	NOT-FOR-US: Google devices
 CVE-2024-56184 (In static long dev_send of tipc_dev_ql, there is a possible out of bou ...)
-	TODO: check
+	NOT-FOR-US: Google devices
 CVE-2024-55199 (A Stored Cross Site Scripting (XSS) vulnerability in Celk Sistemas Cel ...)
 	NOT-FOR-US: Celk Sistemas Celk Saude
 CVE-2024-54560 (A logic issue was addressed with improved checks. This issue is fixed  ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -11,6 +11,8 @@
   cna: DEVOLUTIONS
 - reason: Gallagher
   cna: Gallagher
+- reason: Google devices
+  cna: Google_Devices
 - reason: Huawei
   cna: huawei
 - reason: Jenkins (core or plugin)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b6a1a9a2b862d1040ce82e09f5f7fa602002a03d...a617302437bd8643e3e6f44b86e0a83628ba25f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b6a1a9a2b862d1040ce82e09f5f7fa602002a03d...a617302437bd8643e3e6f44b86e0a83628ba25f9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250311/59269a9b/attachment.htm>