[Git][security-tracker-team/security-tracker][master] auto-nfu: Add CNA based rule for Palo Alto Networks products

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
02e78806 by Salvatore Bonaccorso at 2025-03-12T22:52:01+01:00
auto-nfu: Add CNA based rule for Palo Alto Networks products

Historically there were 3 CVE assignmens (2x linux, 1x libslirp; debian:
qemu, qemu-kvm, libslirp, slirp4netns), aka CVE-2020-1983,
CVE-2021-23133 and CVE-2021-23134 which were assigned.

The scope now is "All Palo Alto Networks products, and vulnerabilities
discovered by Palo Alto Networks that are not in another CNA’s scope."
which does not cover anymore Linux for instance.

Should be rather safe to mark those CVEs automatically as NFU.

- - - - -


1 changed file:

- data/packages/nfu.yaml


Changes:

=====================================
data/packages/nfu.yaml
=====================================
@@ -33,6 +33,8 @@
   cna: Joomla
 - reason: Juniper
   cna: juniper
+- reason: Palo Alto Networks
+  cna: palo_alto
 - reason: OpenHarmony
   cna: OpenHarmony
 - reason: QNAP



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02e78806bae39b430c9e804ae801c91f239a8c7e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02e78806bae39b430c9e804ae801c91f239a8c7e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250312/3bd8b17c/attachment.htm>