[Git][security-tracker-team/security-tracker][master] NFUs

Thu, 14 Jan 2021 13:02:27 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
eff1ac6d by Moritz Muehlenhoff at 2021-01-14T22:01:55+01:00
NFUs
lldpd no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2510,7 +2510,7 @@ CVE-2021-23938
 CVE-2021-23937
        RESERVED
 CVE-2021-3138 (In Discourse 2.7.0 through beta1, a rate-limit bypass leads to 
a bypas ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2021-3137
        RESERVED
 CVE-2021-3136
@@ -2609,9 +2609,9 @@ CVE-2021-23902
 CVE-2021-23901
        RESERVED
 CVE-2021-23900 (OWASP json-sanitizer before 1.2.2 can output invalid JSON or 
throw an  ...)
-       TODO: check
+       NOT-FOR-US: OWASP json-sanitizer
 CVE-2021-23899 (OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags 
and CDA ...)
-       TODO: check
+       NOT-FOR-US: OWASP json-sanitizer
 CVE-2021-23898
        RESERVED
 CVE-2021-23897
@@ -7140,7 +7140,7 @@ CVE-2021-21724
 CVE-2021-21723
        RESERVED
 CVE-2021-21722 (A ZTE Smart STB is impacted by an information leak 
vulnerability. The  ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2021-21721
        RESERVED
 CVE-2021-21720
@@ -21804,6 +21804,7 @@ CVE-2020-27828 (There's a flaw in jasper's jpc encoder 
in versions prior to 2.0.
 CVE-2020-27827 [lldp: avoid memory leak from bad packets]
        RESERVED
        - lldpd 1.0.8-1
+       [buster] - lldpd <no-dsa> (Minor issue)
        - openvswitch <unfixed>
        NOTE: https://github.com/openvswitch/ovs/pull/337
        NOTE: 
https://github.com/lldpd/lldpd/commit/a8d3c90feca548fc0656d95b5d278713db86ff61



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eff1ac6d8212f02291cb5775bcc9d3528ba46b40

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eff1ac6d8212f02291cb5775bcc9d3528ba46b40
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to