[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Wed, 11 Nov 2020 00:45:58 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
84e28766 by Salvatore Bonaccorso at 2020-11-11T09:45:23+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,9 +11,9 @@ CVE-2020-28411
 CVE-2020-28410
        RESERVED
 CVE-2020-28409 (The server in Dundas BI through 8.0.0.1001 allows XSS via 
addition of  ...)
-       TODO: check
+       NOT-FOR-US: Dundas BI
 CVE-2020-28408 (The server in Dundas BI through 8.0.0.1001 allows XSS via an 
HTML labe ...)
-       TODO: check
+       NOT-FOR-US: Dundas BI
 CVE-2020-28407
        RESERVED
 CVE-2020-28406
@@ -8949,9 +8949,9 @@ CVE-2020-25269 (An issue was discovered in InspIRCd 2 
before 2.0.29 and 3 before
        NOTE: 
https://github.com/inspircd/inspircd/commit/fbdd08043e97c2749ce2f03382559bba89abf47a
 (v3)
        NOTE: 
https://github.com/inspircd/inspircd/commit/b24a91181f58c7f7141de8995ff212993bcc333b
 (v3)
 CVE-2020-25268 (Remote Code Execution can occur via the external news feed in 
ILIAS 6. ...)
-       TODO: check
+       NOT-FOR-US: ILIAS
 CVE-2020-25267 (An XSS issue exists in the question-pool file-upload preview 
feature i ...)
-       TODO: check
+       NOT-FOR-US: ILIAS
 CVE-2020-25266
        RESERVED
 CVE-2020-25265
@@ -10959,7 +10959,7 @@ CVE-2020-24368 (Icinga Icinga Web2 2.0.0 through 2.6.4, 
2.7.4 and 2.8.2 has a Di
        NOTE: 
https://github.com/Icinga/icingaweb2/commit/5700caf5f2ebd8a20ce2bd9ca30cb471f8b7487e
 (support/2.6)
        NOTE: 
https://github.com/Icinga/icingaweb2/commit/3035efac65ca2f7977916bd117056aa411776dfd
 (master)
 CVE-2020-24367 (Incorrect file permissions in BlueStacks 4 through 4.230 on 
Windows al ...)
-       TODO: check
+       NOT-FOR-US: BlueStacks
 CVE-2020-24366
        RESERVED
 CVE-2020-24365 (An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and 
WRTM-12 ...)
@@ -11796,7 +11796,7 @@ CVE-2020-23970
 CVE-2020-23969
        RESERVED
 CVE-2020-23968 (Ilex International Sign&amp;go Workstation Security Suite 7.1 
allows e ...)
-       TODO: check
+       NOT-FOR-US: Ilex International Sign&go Workstation Security Suite
 CVE-2020-23967
        RESERVED
 CVE-2020-23966
@@ -25568,33 +25568,33 @@ CVE-2020-17115
 CVE-2020-17114
        RESERVED
 CVE-2020-17113 (, aka 'Windows Camera Codec Information Disclosure 
Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17112
        RESERVED
 CVE-2020-17111
        RESERVED
 CVE-2020-17110 (, aka 'HEVC Video Extensions Remote Code Execution 
Vulnerability'. Thi ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17109 (, aka 'HEVC Video Extensions Remote Code Execution 
Vulnerability'. Thi ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17108 (, aka 'HEVC Video Extensions Remote Code Execution 
Vulnerability'. Thi ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17107 (, aka 'HEVC Video Extensions Remote Code Execution 
Vulnerability'. Thi ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17106 (, aka 'HEVC Video Extensions Remote Code Execution 
Vulnerability'. Thi ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17105 (, aka 'AV1 Video Extension Remote Code Execution 
Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17104 (, aka 'Visual Studio Code JSHint Extension Remote Code 
Execution Vulne ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17103
        RESERVED
 CVE-2020-17102 (, aka 'WebP Image Extensions Information Disclosure 
Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17101 (, aka 'HEIF Image Extensions Remote Code Execution 
Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17100 (, aka 'Visual Studio Tampering Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17099
        RESERVED
 CVE-2020-17098
@@ -25612,39 +25612,39 @@ CVE-2020-17093
 CVE-2020-17092
        RESERVED
 CVE-2020-17091 (, aka 'Microsoft Teams Remote Code Execution Vulnerability'. 
...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17090 (, aka 'Microsoft Defender for Endpoint Security Feature Bypass 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17089
        RESERVED
 CVE-2020-17088 (, aka 'Windows Common Log File System Driver Elevation of 
Privilege Vu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17087 (, aka 'Windows Kernel Local Elevation of Privilege 
Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17086 (, aka 'Raw Image Extension Remote Code Execution 
Vulnerability'. This  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17085 (, aka 'Microsoft Exchange Server Denial of Service 
Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17084 (, aka 'Microsoft Exchange Server Remote Code Execution 
Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17083 (, aka 'Microsoft Exchange Server Remote Code Execution 
Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17082 (, aka 'Raw Image Extension Remote Code Execution 
Vulnerability'. This  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17081 (, aka 'Microsoft Raw Image Extension Information Disclosure 
Vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17080
        RESERVED
 CVE-2020-17079 (, aka 'Raw Image Extension Remote Code Execution 
Vulnerability'. This  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17078 (, aka 'Raw Image Extension Remote Code Execution 
Vulnerability'. This  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17077 (, aka 'Windows Update Stack Elevation of Privilege 
Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17076 (, aka 'Windows Update Orchestrator Service Elevation of 
Privilege Vuln ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17075 (, aka 'Windows USO Core Worker Elevation of Privilege 
Vulnerability'. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-17074 (, aka 'Windows Update Orchestrator Service Elevation of 
Privilege Vuln ...)
        TODO: check
 CVE-2020-17073 (, aka 'Windows Update Orchestrator Service Elevation of 
Privilege Vuln ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84e28766ab26cc62cd798e59f0b08a99f4b4a8a0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84e28766ab26cc62cd798e59f0b08a99f4b4a8a0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to