[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Wed, 15 Apr 2020 14:15:28 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
98af0157 by Salvatore Bonaccorso at 2020-04-15T23:14:52+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -431,7 +431,7 @@ CVE-2020-11725 (** DISPUTED ** snd_ctl_elem_add in 
sound/core/control.c in the L
        - linux <unfixed>
        NOTE: https://twitter.com/yabbadabbadrew/status/1248632267028582400
 CVE-2020-11723 (Cellebrite UFED 5.0 through 7.29 uses four hardcoded RSA 
private keys  ...)
-       TODO: check
+       NOT-FOR-US: Cellebrite UFED
 CVE-2020-11722 (Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 
allows remote ...)
        - crawl <unfixed>
        NOTE: 
https://dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.html
@@ -561,11 +561,11 @@ CVE-2020-11668 (In the Linux kernel before 5.6.1, 
drivers/media/usb/gspca/xirlin
 CVE-2020-11667
        RESERVED
 CVE-2020-11666 (CA API Developer Portal 4.3.1 and earlier contains an access 
control f ...)
-       TODO: check
+       NOT-FOR-US: CA API Developer Portal
 CVE-2020-11665 (CA API Developer Portal 4.3.1 and earlier handles 
loginRedirect page r ...)
-       TODO: check
+       NOT-FOR-US: CA API Developer Portal
 CVE-2020-11664 (CA API Developer Portal 4.3.1 and earlier handles homeRedirect 
page re ...)
-       TODO: check
+       NOT-FOR-US: CA API Developer Portal
 CVE-2020-11663
        RESERVED
 CVE-2020-11662
@@ -1151,13 +1151,13 @@ CVE-2020-11539
 CVE-2020-11538
        RESERVED
 CVE-2020-11537 (A SQL Injection issue was discovered in ONLYOFFICE Document 
Server 5.5 ...)
-       TODO: check
+       NOT-FOR-US: ONLYOFFICE Document Server
 CVE-2020-11536 (An issue was discovered in ONLYOFFICE Document Server 5.5.0. 
An attack ...)
-       TODO: check
+       NOT-FOR-US: ONLYOFFICE Document Server
 CVE-2020-11535 (An issue was discovered in ONLYOFFICE Document Server 5.5.0. 
An attack ...)
-       TODO: check
+       NOT-FOR-US: ONLYOFFICE Document Server
 CVE-2020-11534 (An issue was discovered in ONLYOFFICE Document Server 5.5.0. 
An attack ...)
-       TODO: check
+       NOT-FOR-US: ONLYOFFICE Document Server
 CVE-2020-11533 (Ivanti Workspace Control before 10.4.30.0, when SCCM 
integration is en ...)
        NOT-FOR-US: Ivanti Workspace Control
 CVE-2020-11532
@@ -3406,7 +3406,7 @@ CVE-2020-10648 (Das U-Boot through 2020.01 allows 
attackers to bypass verified b
 CVE-2020-10647
        RESERVED
 CVE-2020-10646 (Fuji Electric V-Server Lite all versions prior to 4.0.9.0 
contains a h ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric V-Server Lite
 CVE-2020-10645
        RESERVED
 CVE-2020-10644
@@ -3414,17 +3414,17 @@ CVE-2020-10644
 CVE-2020-10643
        RESERVED
 CVE-2020-10642 (In Rockwell Automation RSLinx Classic versions 4.1.00 and 
prior, an au ...)
-       TODO: check
+       NOT-FOR-US: Rockwell
 CVE-2020-10641
        RESERVED
 CVE-2020-10640
        RESERVED
 CVE-2020-10639 (Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 
3.00.23 and p ...)
-       TODO: check
+       NOT-FOR-US: Eaton HMiSoft VU3
 CVE-2020-10638
        RESERVED
 CVE-2020-10637 (Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 
3.00.23 and p ...)
-       TODO: check
+       NOT-FOR-US: Eaton HMiSoft VU3
 CVE-2020-10636
        RESERVED
 CVE-2020-10635
@@ -3468,15 +3468,15 @@ CVE-2020-10617 (There are multiple ways an 
unauthenticated attacker could perfor
 CVE-2020-10616
        RESERVED
 CVE-2020-10615 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 
4.0.122, 2.41 ...)
-       TODO: check
+       NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
 CVE-2020-10614
        RESERVED
 CVE-2020-10613 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 
4.0.122, 2.41 ...)
-       TODO: check
+       NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
 CVE-2020-10612
        RESERVED
 CVE-2020-10611 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 
4.0.122, 2.41 ...)
-       TODO: check
+       NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
 CVE-2020-10610
        RESERVED
 CVE-2020-10609
@@ -3700,9 +3700,9 @@ CVE-2020-10516
 CVE-2020-10515 (STARFACE UCC Client before 6.7.1.204 on WIndows allows binary 
planting ...)
        NOT-FOR-US: STARFACE UCC Client
 CVE-2020-10514 (iCatch DVR do not validate function parameter properly, 
resulting atta ...)
-       TODO: check
+       NOT-FOR-US: iCatch DVR
 CVE-2020-10513 (The file management interface of iCatch DVR contains broken 
access con ...)
-       TODO: check
+       NOT-FOR-US: iCatch DVR
 CVE-2020-10512 (HGiga C&amp;Cmail contains a SQL Injection vulnerability which 
allows  ...)
        TODO: check
 CVE-2020-10511 (HGiga C&amp;Cmail contains insecure configurations. Attackers 
can expl ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98af01570d0901da2dfc3c503219b8e99cf7f8b2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98af01570d0901da2dfc3c503219b8e99cf7f8b2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to