[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
032b71d6 by Moritz Muehlenhoff at 2022-07-06T13:30:33+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,7 +17,7 @@ CVE-2022-2323
 CVE-2022-2322
        RESERVED
 CVE-2022-2321 (Login Bruteforce attacks ...)
-       TODO: check
+       NOT-FOR-US: Nakama
 CVE-2022-35230
        RESERVED
 CVE-2022-35229
@@ -686,7 +686,7 @@ CVE-2022-34917
 CVE-2022-34916
        RESERVED
 CVE-2022-2306 (Old session tokens can be used to authenticate to the 
application and  ...)
-       TODO: check
+       NOT-FOR-US: Nakama
 CVE-2022-2305
        RESERVED
 CVE-2022-2304 (Stack-based Buffer Overflow in GitHub repository vim/vim prior 
to 9.0. ...)
@@ -3146,7 +3146,7 @@ CVE-2022-34045
 CVE-2022-34044
        RESERVED
 CVE-2022-34043 (Incorrect permissions for the folder 
C:\ProgramData\NoMachine\var\unin ...)
-       TODO: check
+       NOT-FOR-US: NoMachine Windows builds
 CVE-2022-34042
        RESERVED
 CVE-2022-34041
@@ -5419,7 +5419,7 @@ CVE-2022-33084
 CVE-2022-33083
        RESERVED
 CVE-2022-33082 (An issue in the AST parser (ast/compile.go) of Open Policy 
Agent v0.10 ...)
-       TODO: check
+       NOT-FOR-US: Open Policy Agent
 CVE-2022-33081
        RESERVED
 CVE-2022-33080
@@ -5520,11 +5520,11 @@ CVE-2022-33039
 CVE-2022-33038
        RESERVED
 CVE-2022-33037 (A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to 
execute ar ...)
-       TODO: check
+       NOT-FOR-US: Orwell-Dev-Cpp
 CVE-2022-33036 (A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers 
to execut ...)
-       TODO: check
+       NOT-FOR-US: Embarcadero Dev-CPP
 CVE-2022-33035 (XLPD v7.0.0094 and below contains an unquoted service path 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: XLPD
 CVE-2022-33034 (LibreDWG v0.12.4.4608 was discovered to contain a stack 
overflow via t ...)
        - libredwg <itp> (bug #595191)
 CVE-2022-33033 (LibreDWG v0.12.4.4608 was discovered to contain a double-free 
via the  ...)
@@ -5774,7 +5774,7 @@ CVE-2022-32973 (An authenticated attacker could create an 
audit file that bypass
 CVE-2022-32972
        RESERVED
 CVE-2022-32969 (MetaMask before 10.11.3 might allow an attacker to access a 
user's sec ...)
-       TODO: check
+       NOT-FOR-US: MetaTask
 CVE-2022-32968
        RESERVED
 CVE-2022-32967
@@ -6763,6 +6763,7 @@ CVE-2022-32534 (The Bosch Ethernet switch PRA-ES8P2S with 
software version 1.01.
        NOT-FOR-US: Bosch
 CVE-2022-32533
        RESERVED
+       NOT-FOR-US: Apache Portals Jetspeed
 CVE-2022-32532 (Apache Shiro before 1.9.1, A RegexRequestMatcher can be 
misconfigured  ...)
        - shiro <unfixed>
        [bullseye] - shiro <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/032b71d6f13aaa39f445b0efa5ecbac5e62d5091

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/032b71d6f13aaa39f445b0efa5ecbac5e62d5091
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits