[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Wed, 30 Jun 2021 06:13:35 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
03b09e87 by Moritz Muehlenhoff at 2021-06-30T15:12:44+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -404994,7 +404994,7 @@ CVE-2010-4818 (The GLX extension in X.Org xserver 
1.7.7 allows remote authentica
 CVE-2010-4817 (pithos before 0.3.5 allows overwrite of arbitrary files via 
symlinks. ...)
        - pithos 0.3.5-1
 CVE-2010-4816 (It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that 
a null  ...)
-       TODO: check
+       NOT-FOR-US: Historic freeBSD issue
 CVE-2010-4815 (Coppermine gallery before 1.4.26 has an input validation 
vulnerability ...)
        NOT-FOR-US: Coppermine Photo Gallery
 CVE-2011-3169 (Unspecified vulnerability in the SMTP service implementation in 
HP TCP ...)
@@ -415428,11 +415428,11 @@ CVE-2010-4267 (Stack-based buffer overflow in the 
hpmud_get_pml function in io/h
        {DSA-2152-1}
        - hplip 3.10.6-2 (bug #610960)
 CVE-2010-4266 (It was found in vanilla forums before 2.0.10 a potential 
linkbait vuln ...)
-       TODO: check
+       NOT-FOR-US: Vanilla Forums
 CVE-2010-4265 (The 
org.jboss.remoting.transport.bisocket.BisocketServerInvoker$Second ...)
        - jbossas4 <not-affected> (Red Hat issue, they didn't include the fix 
for CVE-2010-3862 in the update)
 CVE-2010-4264 (It was found in vanilla forums before 2.0.10 a cross-site 
scripting vu ...)
-       TODO: check
+       NOT-FOR-US: Vanilla Forums
 CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in 
the Inte ...)
        - linux-2.6 2.6.32-30
        [lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
@@ -418017,7 +418017,7 @@ CVE-2010-3301 (The IA32 system call emulation 
functionality in arch/x86/ia32/ia3
        - linux-2.6 2.6.32-23
        [lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.27)
 CVE-2010-3300 (It was found that all OWASP ESAPI for Java up to version 2.0 
RC2 are v ...)
-       TODO: check
+       NOT-FOR-US: OWASP ESAPI
 CVE-2010-3299 (The encrypt/decrypt functions in Ruby on Rails 2.3 are 
vulnerable to p ...)
        - rails <unfixed> (unimportant)
        NOTE: http://seclists.org/oss-sec/2010/q3/415



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03b09e873aba3a0893fa9b37fcb27bd6685f48f8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03b09e873aba3a0893fa9b37fcb27bd6685f48f8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to