[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Wed, 03 Feb 2021 09:02:09 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8c78225c by Moritz Muehlenhoff at 2021-02-03T18:01:42+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -721,13 +721,13 @@ CVE-2021-3336 (DoTls13CertificateVerify in tls13.c in 
wolfSSL through 4.6.0 does
        - wolfssl <unfixed>
        NOTE: https://github.com/wolfSSL/wolfssl/pull/3676
 CVE-2021-26308 (An issue was discovered in the marc crate before 2.0.0 for 
Rust. A use ...)
-       TODO: check
+       NOT-FOR-US: Rust marc
 CVE-2021-26307 (An issue was discovered in the raw-cpuid crate before 9.0.0 
for Rust.  ...)
-       TODO: check
+       NOT-FOR-US: Rust raw-cpuid
 CVE-2021-26306 (An issue was discovered in the raw-cpuid crate before 9.0.0 
for Rust.  ...)
-       TODO: check
+       NOT-FOR-US: Rust raw-cpuid
 CVE-2021-26305 (An issue was discovered in Deserializer::read_vec in the cdr 
crate bef ...)
-       TODO: check
+       NOT-FOR-US: Rust Deserializer::read_vec
 CVE-2021-26304 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to 
stored XS ...)
        NOT-FOR-US: PHPGurukul Daily Expense Tracker System
 CVE-2021-26303 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to 
stored XS ...)
@@ -1664,7 +1664,7 @@ CVE-2021-25914
 CVE-2021-25913
        RESERVED
 CVE-2021-25912 (Prototype pollution vulnerability in 'dotty' versions 0.0.1 
through 0. ...)
-       TODO: check
+       NOT-FOR-US: Node dotty
 CVE-2018-25003
        RESERVED
 CVE-2021-25911
@@ -7444,7 +7444,7 @@ CVE-2021-23332
 CVE-2021-23331
        RESERVED
 CVE-2021-23330 (All versions of package launchpad are vulnerable to Command 
Injection  ...)
-       TODO: check
+       NOT-FOR-US: Node launchpad
 CVE-2021-23329 (The package nested-object-assign before 1.0.4 are vulnerable 
to Protot ...)
        TODO: check
 CVE-2021-23328 (This affects all versions of package iniparserjs. This 
vulnerability r ...)
@@ -7562,7 +7562,7 @@ CVE-2021-23273
 CVE-2021-23272 (The Application Development Clients component of TIBCO 
Software Inc.'s ...)
        NOT-FOR-US: TIBCO
 CVE-2021-23271 (The TIBCO EBX Web Server component of TIBCO Software Inc.'s 
TIBCO EBX  ...)
-       TODO: check
+       NOT-FOR-US: TIBCO
 CVE-2021-3113 (Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote 
attackers  ...)
        NOT-FOR-US: Netsia SEBA+
 CVE-2021-23270



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c78225c10f82a5cc7c3d8cecfea5ea094842712

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c78225c10f82a5cc7c3d8cecfea5ea094842712
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to