[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 11 Jan 2022 12:55:47 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
73584f5b by Salvatore Bonaccorso at 2022-01-11T21:54:55+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1444,7 +1444,7 @@ CVE-2021-46141 (An issue was discovered in uriparser 
before 0.9.6. It performs i
 CVE-2022-22678
        RESERVED
 CVE-2022-0129 (Uncontrolled search path element vulnerability in McAfee 
TechCheck pri ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2022-0128 (vim is vulnerable to Out-of-bounds Read ...)
        - vim <unfixed>
        [bullseye] - vim <not-affected> (Vulnerable code introduced later)
@@ -4330,7 +4330,7 @@ CVE-2021-4158 [NULL pointer dereference in pci_write() in 
hw/acpi/pcihp.c]
 CVE-2021-45461 (FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 
15.0.19.88, 1 ...)
        NOT-FOR-US: FreePBX
 CVE-2021-45460 (A vulnerability has been identified in SICAM PQ Analyzer (All 
versions ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-4157 [pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()]
        RESERVED
        - linux 5.10.38-1
@@ -6331,9 +6331,9 @@ CVE-2021-45036
 CVE-2021-45035
        RESERVED
 CVE-2021-45034 (A vulnerability has been identified in CP-8000 MASTER MODULE 
WITH I/O  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-45033 (A vulnerability has been identified in CP-8000 MASTER MODULE 
WITH I/O  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-45032
        RESERVED
 CVE-2021-45031
@@ -9532,19 +9532,19 @@ CVE-2022-21673
 CVE-2022-21672 (make-ca is a utility to deliver and manage a complete PKI 
configuratio ...)
        TODO: check
 CVE-2022-21671 (@replit/crosis is a JavaScript client that speaks Replit's 
container p ...)
-       TODO: check
+       NOT-FOR-US: crosis
 CVE-2022-21670 (markdown-it is a Markdown parser. Prior to version 1.3.2, 
special patt ...)
        - node-markdown-it <unfixed>
        NOTE: 
https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c
        NOTE: 
https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101
 (12.3.2)
 CVE-2022-21669 (PuddingBot is a group management bot. In version 0.0.6-b933652 
and pri ...)
-       TODO: check
+       NOT-FOR-US: PuddingBot
 CVE-2022-21668 (pipenv is a Python development workflow tool. Starting with 
version 20 ...)
        TODO: check
 CVE-2022-21667 (soketi is an open-source WebSockets server. There is an 
unhandled case ...)
        NOT-FOR-US: soketi
 CVE-2022-21666 (Useful Simple Open-Source CMS (USOC) is a content management 
system (C ...)
-       TODO: check
+       NOT-FOR-US: Useful Simple Open-Source CMS (USOC)
 CVE-2022-21665
        RESERVED
 CVE-2022-21664 (WordPress is a free and open-source content management system 
written  ...)
@@ -12125,7 +12125,7 @@ CVE-2021-43299
 CVE-2021-43298
        RESERVED
 CVE-2021-43297 (A deserialization vulnerability existed in dubbo hessian-lite 
3.2.11 a ...)
-       TODO: check
+       NOT-FOR-US: Apache Dubbo
 CVE-2021-3924 (grav is vulnerable to Improper Limitation of a Pathname to a 
Restricte ...)
        NOT-FOR-US: Grav CMS
 CVE-2021-23222
@@ -18058,7 +18058,7 @@ CVE-2021-41770 (Ping Identity PingFederate before 
10.3.1 mishandles pre-parsing
 CVE-2021-3838
        RESERVED
 CVE-2021-41769 (A vulnerability has been identified in SIPROTEC 5 6MD85 
devices (CPU v ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-41768
        RESERVED
 CVE-2021-41767
@@ -29202,13 +29202,13 @@ CVE-2021-37200 (A vulnerability has been identified 
in SINEC NMS (All versions &
 CVE-2021-37199 (A vulnerability has been identified in SINUMERIK 808D (All 
versions),  ...)
        NOT-FOR-US: Siemens
 CVE-2021-37198 (A vulnerability has been identified in COMOS (All versions 
&lt; V10.4. ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-37197 (A vulnerability has been identified in COMOS (All versions 
&lt; V10.4. ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-37196 (A vulnerability has been identified in COMOS (All versions 
&lt; V10.4. ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-37195 (A vulnerability has been identified in COMOS (All versions 
&lt; V10.4. ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-37194
        RESERVED
 CVE-2021-37193 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73584f5bad1e963878d5c79acfcb33c16bab1fb7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73584f5bad1e963878d5c79acfcb33c16bab1fb7
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to