[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 21 May 2021 13:20:22 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
32052e3f by Salvatore Bonaccorso at 2021-05-21T22:19:52+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1829,7 +1829,7 @@ CVE-2021-32636
 CVE-2021-32635
        RESERVED
 CVE-2021-32634 (Emissary is a distributed, peer-to-peer, data-driven workflow 
framewor ...)
-       TODO: check
+       NOT-FOR-US: NSA Emissary
 CVE-2021-32633 (Zope is an open-source web application server. In Zope 
versions prior  ...)
        TODO: check
 CVE-2021-32632 (Pajbot is a Twitch chat bot. Pajbot versions prior to 1.52 are 
vulnera ...)
@@ -3147,7 +3147,7 @@ CVE-2021-32034
 CVE-2021-32033
        RESERVED
 CVE-2021-32032 (In Trusted Firmware-M through 1.3.0, cleaning up the memory 
allocated  ...)
-       TODO: check
+       NOT-FOR-US: Trusted Firmware-M
 CVE-2021-32031
        RESERVED
 CVE-2020-36362
@@ -4674,9 +4674,9 @@ CVE-2021-31477
 CVE-2021-31476
        RESERVED
 CVE-2021-31475 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2021-31474 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2021-31473 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
        NOT-FOR-US: Foxit Reader
 CVE-2021-31472 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
@@ -4746,7 +4746,7 @@ CVE-2021-31441 (This vulnerability allows remote 
attackers to execute arbitrary
 CVE-2021-31440 (This vulnerability allows local attackers to escalate 
privileges on af ...)
        TODO: check
 CVE-2021-31439 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-31438 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
        NOT-FOR-US: Foxit
 CVE-2021-31437 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
@@ -9573,7 +9573,7 @@ CVE-2021-29416 (An issue was discovered in PortSwigger 
Burp Suite before 2021.2.
 CVE-2021-29415 (The elliptic curve cryptography (ECC) hardware accelerator, 
part of th ...)
        TODO: check
 CVE-2021-29414 (STMicroelectronics STM32L4 devices through 2021-03-29 have 
incorrect p ...)
-       TODO: check
+       NOT-FOR-US: STMicroelectronics STM32L4 devices
 CVE-2021-29413
        RESERVED
 CVE-2021-29412
@@ -13368,7 +13368,7 @@ CVE-2021-27813
 CVE-2021-27812
        RESERVED
 CVE-2021-27811 (A code injection vulnerability has been discovered in the 
Upgrade func ...)
-       TODO: check
+       NOT-FOR-US: QibosoftX1
 CVE-2021-27810
        RESERVED
 CVE-2021-27809
@@ -25933,7 +25933,7 @@ CVE-2021-22411
 CVE-2021-22410
        RESERVED
 CVE-2021-22409 (There is a denial of service vulnerability in some versions of 
ManageO ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2021-22408
        RESERVED
 CVE-2021-22407
@@ -26073,7 +26073,7 @@ CVE-2021-22341
 CVE-2021-22340
        RESERVED
 CVE-2021-22339 (There is a denial of service vulnerability in some versions of 
ManageO ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2021-22338
        RESERVED
 CVE-2021-22337
@@ -45266,15 +45266,15 @@ CVE-2020-27214
 CVE-2020-27213
        RESERVED
 CVE-2020-27212 (STMicroelectronics STM32L4 devices through 2020-10-19 have 
incorrect a ...)
-       TODO: check
+       NOT-FOR-US: STMicroelectronics STM32L4 devices
 CVE-2020-27211 (Nordic Semiconductor nRF52840 devices through 2020-10-19 have 
improper ...)
-       TODO: check
+       NOT-FOR-US: Nordic Semiconductor nRF52840 devices
 CVE-2020-27210
        RESERVED
 CVE-2020-27209 (The ECDSA operation of the micro-ecc library 1.0 is vulnerable 
to simp ...)
        TODO: check
 CVE-2020-27208 (The flash read-out protection (RDP) level is not enforced 
during the d ...)
-       TODO: check
+       NOT-FOR-US: SoloKeys Solo
 CVE-2020-27207 (Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, 
related to sq ...)
        NOT-FOR-US: Zetetic SQLCipher
 CVE-2020-27206
@@ -53362,7 +53362,7 @@ CVE-2020-23770
 CVE-2020-23769
        RESERVED
 CVE-2020-23768 (An information disclosure vulnerability was discovered in 
alipay_funct ...)
-       TODO: check
+       NOT-FOR-US: Alibaba payment interface on PHPPYUN
 CVE-2020-23767
        RESERVED
 CVE-2020-23766 (An arbitrary file deletion vulnerability was discovered on 
htmly v2.7. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32052e3f5c3c0484e25a17aeebb55f5c9f6c797a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32052e3f5c3c0484e25a17aeebb55f5c9f6c797a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to