[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) Thu, 27 Jan 2022 03:20:39 -0800


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9dbceff8 by Neil Williams at 2022-01-27T11:19:58+00:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15583,7 +15583,7 @@ CVE-2021-43400 (An issue was discovered in 
gatt-database.c in BlueZ 5.61. A use-
        NOTE: Introduced by: 
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=93b64d9ca8a2bb663e37904d4b2c702c58a36e4f
 (5.40)
        NOTE: Fixed by: 
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=838c0dc7641e1c991c0f3027bf94bee4606012f8
 (5.62)
 CVE-2021-43399 (The Yubico YubiHSM YubiHSM2 library 2021.08, included in the 
yubihsm-s ...)
-       TODO: check
+       NOT-FOR-US: yubihsm-shell
 CVE-2021-43398 (** DISPUTED ** Crypto++ (aka Cryptopp) 8.6.0 and earlier 
contains a ti ...)
        - libcrypto++ <unfixed> (unimportant; bug #1000227)
        NOTE: https://github.com/weidai11/cryptopp/issues/1080
@@ -15818,7 +15818,7 @@ CVE-2021-43300
 CVE-2021-43299
        RESERVED
 CVE-2021-43298 (The code that performs password matching when using 'Basic' 
HTTP authe ...)
-       TODO: check
+       NOT-FOR-US: GoAhead Web Server
 CVE-2021-43297 (A deserialization vulnerability existed in dubbo hessian-lite 
3.2.11 a ...)
        NOT-FOR-US: Apache Dubbo
 CVE-2021-3924 (grav is vulnerable to Improper Limitation of a Pathname to a 
Restricte ...)
@@ -17992,7 +17992,7 @@ CVE-2021-42812
 CVE-2021-42811
        RESERVED
 CVE-2021-42810 (A flaw in the previous versions of the product may allow an 
authentica ...)
-       TODO: check
+       NOT-FOR-US: Thales SafeNet Agent
 CVE-2021-42809 (Improper Access Control of Dynamically-Managed Code Resources 
(DLL) in ...)
        NOT-FOR-US: ThalesThales Sentinel Protection Installer
 CVE-2021-42808 (Improper Access Control in Thales Sentinel Protection 
Installer could  ...)
@@ -45573,7 +45573,7 @@ CVE-2021-32041
 CVE-2021-32040
        RESERVED
 CVE-2021-32039 (Users with appropriate file access may be able to access 
unencrypted u ...)
-       TODO: check
+       NOT-FOR-US: MongoDB VSCode Extension
 CVE-2021-32038
        RESERVED
 CVE-2021-32037 (An authorized user may trigger an invariant which may result 
in denial ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dbceff88559eb2cd613d997c1bc8bfbf77abdf3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dbceff88559eb2cd613d997c1bc8bfbf77abdf3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to