[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jan 12 20:38:09 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
042cbeab by Salvatore Bonaccorso at 2026-01-12T21:37:44+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,29 +11,29 @@ CVE-2026-22776 (cpp-httplib is a C++11 single-file header-only cross platform HT
 	NOTE: https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-h934-98h4-j43q
 	NOTE: Fixed by: https://github.com/yhirose/cpp-httplib/commit/2e2e47bab1ae6a853476eecbc4bf279dd1fef792 (0.30.1)
 CVE-2026-22771 (Envoy Gateway is an open source project for managing Envoy Proxy as a  ...)
-	TODO: check
+	NOT-FOR-US: Envoy Gateway
 CVE-2026-22252 (LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2 ...)
-	TODO: check
+	NOT-FOR-US: LibreChat
 CVE-2026-22251 (wlc is a Weblate command-line client using Weblate's REST API. Prior t ...)
 	TODO: check
 CVE-2026-22250 (wlc is a Weblate command-line client using Weblate's REST API. Prior t ...)
 	TODO: check
 CVE-2026-22200 (Enhancesoft osTicket versions up to and including 1.18.2 contain an ar ...)
-	TODO: check
+	NOT-FOR-US: osTicket
 CVE-2026-22050 (ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 w ...)
 	NOT-FOR-US: NetApp
 CVE-2026-22033 (Label Studio is a multi-type data labeling and annotation tool. In 1.2 ...)
-	TODO: check
+	NOT-FOR-US: Label Studio
 CVE-2025-71063 (Errands before 46.2.10 does not verify TLS certificates for CalDAV ser ...)
 	TODO: check
 CVE-2025-68657 (Espressif ESP-IDF USB Host HID (Human Interface Device) Driver allows  ...)
-	TODO: check
+	NOT-FOR-US: Espressif ESP-IDF
 CVE-2025-68656 (Espressif ESP-IDF USB Host HID (Human Interface Device) Driver allows  ...)
-	TODO: check
+	NOT-FOR-US: Espressif ESP-IDF
 CVE-2025-68622 (Espressif ESP-IDF USB Host UVC Class Driver allows video streaming fro ...)
-	TODO: check
+	NOT-FOR-US: Espressif ESP-IDF
 CVE-2025-68472 (MindsDB is a platform for building artificial intelligence from enterp ...)
-	TODO: check
+	NOT-FOR-US: MindsDB
 CVE-2025-68471 (Avahi is a system which facilitates service discovery on a local netwo ...)
 	TODO: check
 CVE-2025-68468 (Avahi is a system which facilitates service discovery on a local netwo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/042cbeab37b934456a75db6055faa488c8e12dab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/042cbeab37b934456a75db6055faa488c8e12dab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260112/644d08be/attachment.htm>

More information about the debian-security-tracker-commits mailing list