[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Sat, 01 Aug 2020 01:15:13 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
794d1178 by Salvatore Bonaccorso at 2020-08-01T10:14:29+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -853,11 +853,11 @@ CVE-2020-15873 (In LibreNMS before 1.65.1, an 
authenticated attacker can achieve
 CVE-2020-15872
        RESERVED
 CVE-2020-15871 (Sonatype Nexus Repository Manager OSS/Pro version before 
3.25.1 allows ...)
-       TODO: check
+       NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
 CVE-2020-15870 (Sonatype Nexus Repository Manager OSS/Pro versions before 
3.25.1 allow ...)
-       TODO: check
+       NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
 CVE-2020-15869 (Sonatype Nexus Repository Manager OSS/Pro versions before 
3.25.1 allow ...)
-       TODO: check
+       NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
 CVE-2020-15868
        RESERVED
 CVE-2020-15867
@@ -28252,9 +28252,9 @@ CVE-2020-5416
 CVE-2020-5415
        RESERVED
 CVE-2020-5414 (VMware Tanzu Application Service for VMs (2.7.x versions prior 
to 2.7. ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2020-5413 (Spring Integration framework provides Kryo Codec 
implementations as an ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2020-5412
        RESERVED
 CVE-2020-5411 (When configured to enable default typing, Jackson contained a 
deserial ...)
@@ -28297,7 +28297,7 @@ CVE-2020-5397 (Spring Framework, versions 5.2.x prior 
to 5.2.3 are vulnerable to
        NOTE: https://github.com/spring-projects/spring-framework/issues/24327
        NOTE: 
https://github.com/spring-projects/spring-framework/commit/bc7d01048579430b4b2df668178809b63d3f1929
 CVE-2020-5396 (VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 
9.7.6, and  ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2020-5395 (FontForge 20190801 has a use-after-free in SFD_GetFontMetaData 
in sfd. ...)
        - fontforge <unfixed> (bug #948231)
        [buster] - fontforge <no-dsa> (Minor issue)
@@ -67078,7 +67078,7 @@ CVE-2019-11287 (Pivotal RabbitMQ, versions 3.7.x prior 
to 3.7.21 and 3.8.x prior
        [jessie] - rabbitmq-server <postponed> (Minor issue)
        NOTE: https://pivotal.io/security/cve-2019-11287
 CVE-2019-11286 (VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 
9.7.5, and  ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2019-11285
        REJECTED
 CVE-2019-11284 (Pivotal Reactor Netty, versions prior to 0.8.11, passes 
headers throug ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/794d11784378ffd3db49861950b00ed25747aae9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/794d11784378ffd3db49861950b00ed25747aae9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to