[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Mon, 23 Nov 2020 12:26:49 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
64132cb2 by Salvatore Bonaccorso at 2020-11-23T21:26:16+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -283,7 +283,7 @@ CVE-2020-28866
 CVE-2020-28865
        RESERVED
 CVE-2020-28864 (Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server 
to caus ...)
-       TODO: check
+       NOT-FOR-US: WinSCP
 CVE-2020-28863
        RESERVED
 CVE-2020-28862
@@ -2328,7 +2328,7 @@ CVE-2020-28423
 CVE-2020-28422
        RESERVED
 CVE-2020-28421 (CA Unified Infrastructure Management 20.1 and earlier contains 
a vulne ...)
-       TODO: check
+       NOT-FOR-US: CA Unified Infrastructure Management
 CVE-2020-28420
        RESERVED
 CVE-2020-28419
@@ -4812,7 +4812,7 @@ CVE-2020-27987
 CVE-2020-27986 (** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers 
to discov ...)
        NOT-FOR-US: SonarQube
 CVE-2020-27985 (Security Onion v2 prior to 2.3.10 has an incorrect sudo 
configuration, ...)
-       TODO: check
+       NOT-FOR-US: Security Onion
 CVE-2020-27984
        RESERVED
 CVE-2020-27983
@@ -9184,7 +9184,7 @@ CVE-2020-26241
 CVE-2020-26240
        RESERVED
 CVE-2020-26239 (Scratch Addons is a WebExtension that supports both Chrome and 
Firefox ...)
-       TODO: check
+       NOT-FOR-US: Scratch Addons
 CVE-2020-26238
        RESERVED
 CVE-2020-26237
@@ -52185,9 +52185,9 @@ CVE-2020-8281
 CVE-2020-8280
        RESERVED
 CVE-2020-8279 (Missing validation of server certificates for out-going 
connections in ...)
-       TODO: check
+       NOT-FOR-US: Nextcloud Social app
 CVE-2020-8278 (Improper access control in Nextcloud Social app version 0.3.1 
allowed  ...)
-       TODO: check
+       NOT-FOR-US: Nextcloud Social app
 CVE-2020-8277 (A Node.js application that allows an attacker to trigger a DNS 
request ...)
        - c-ares 1.17.1-1
        [buster] - c-ares <not-affected> (Introduced in 1.16)
@@ -55537,7 +55537,7 @@ CVE-2020-6941
 CVE-2020-6940
        RESERVED
 CVE-2020-6939 (Tableau Server installations configured with Site-Specific SAML 
that a ...)
-       TODO: check
+       NOT-FOR-US: Tableau Server
 CVE-2020-6938 (A sensitive information disclosure vulnerability in Tableau 
Server 10. ...)
        NOT-FOR-US: Tableau Server
 CVE-2020-6937 (A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 
3.9.x, ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64132cb282546c1ed6c3a9fce6a3604a21fc3596

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64132cb282546c1ed6c3a9fce6a3604a21fc3596
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to