[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Tue, 02 Jun 2020 00:50:07 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
126ca322 by Salvatore Bonaccorso at 2020-06-02T09:49:20+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2020-13758 
(modules/security/classes/general.post_filter.php/post_filter.php in th ...)
-       TODO: check
+       NOT-FOR-US: Bitrix24
 CVE-2020-13757 (Python-RSA 4.0 ignores leading '\0' bytes during decryption of 
ciphert ...)
        - python-rsa <unfixed>
        NOTE: https://github.com/sybrenstuvel/python-rsa/issues/146
@@ -130,9 +130,9 @@ CVE-2020-13697
 CVE-2020-13696
        RESERVED
 CVE-2020-13695 (In QuickBox Community Edition through 2.5.5 and Pro Edition 
through 2. ...)
-       TODO: check
+       NOT-FOR-US: QuickBox
 CVE-2020-13694 (In QuickBox Community Edition through 2.5.5 and Pro Edition 
through 2. ...)
-       TODO: check
+       NOT-FOR-US: QuickBox
 CVE-2020-13693 (An unauthenticated privilege-escalation issue exists in the 
bbPress pl ...)
        NOT-FOR-US: bbPress plugin for WordPress
 CVE-2020-13692
@@ -656,7 +656,7 @@ CVE-2020-13450
 CVE-2020-13449
        RESERVED
 CVE-2020-13448 (QuickBox Community Edition through 2.5.5 and Pro Edition 
through 2.1.8 ...)
-       TODO: check
+       NOT-FOR-US: QuickBox
 CVE-2020-13447
        RESERVED
 CVE-2020-13446
@@ -12072,7 +12072,7 @@ CVE-2020-9293
 CVE-2020-9292
        RESERVED
 CVE-2020-9291 (An Insecure Temporary File vulnerability in FortiClient for 
Windows 6. ...)
-       TODO: check
+       NOT-FOR-US: Fortiguard / FortiClient for Windows
 CVE-2020-9290 (An Unsafe Search Path vulnerability in FortiClient for Windows 
online  ...)
        NOT-FOR-US: Fortiguard
 CVE-2020-9289
@@ -12560,7 +12560,7 @@ CVE-2020-9073 (Huawei P20 smartphones with versions 
earlier than 10.0.0.156(C00E
 CVE-2020-9072 (Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 
have a  ...)
        NOT-FOR-US: Huawei
 CVE-2020-9071 (There is a few bytes out-of-bounds read vulnerability in some 
Huawei p ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2020-9070 (Huawei smartphones Taurus-AL00B with versions earlier than 
10.0.0.205( ...)
        NOT-FOR-US: Huawei
 CVE-2020-9069 (There is an information leakage vulnerability in some Huawei 
products. ...)
@@ -17717,7 +17717,7 @@ CVE-2020-6870
 CVE-2020-6869
        RESERVED
 CVE-2020-6868 (ZTE's PON terminal product is impacted by the access control 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2020-6867 (ZTE's SDON controller is impacted by the resource management 
error vul ...)
        NOT-FOR-US: ZTE
 CVE-2020-6866 (A ZTE product is impacted by a resource management error 
vulnerability ...)
@@ -45233,7 +45233,7 @@ CVE-2019-15711 (A privilege escalation vulnerability in 
FortiClient for Linux 6.
 CVE-2019-15710 (An OS command injection vulnerability in FortiExtender 4.1.0 
to 4.1.1, ...)
        NOT-FOR-US: FortiExtender
 CVE-2019-15709 (An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 
6.0.5 and ...)
-       TODO: check
+       NOT-FOR-US: Fortiguard
 CVE-2019-15708 (A system command injection vulnerability in the FortiAP-S/W2 
6.2.1, 6. ...)
        NOT-FOR-US: Fortiguard
 CVE-2019-15707 (An improper access control vulnerability in FortiMail admin 
webUI 6.2. ...)
@@ -260155,11 +260155,11 @@ CVE-2014-7177 (XML External Entity vulnerability in 
Enalean Tuleap 7.2 and earli
 CVE-2014-7176 (SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 
allows r ...)
        NOT-FOR-US: Enalean Tuleap
 CVE-2014-7175 (FarLinX X25 Gateway through 2014-09-25 allows attackers to 
write arbit ...)
-       TODO: check
+       NOT-FOR-US: FarLinX X25 Gateway
 CVE-2014-7174 (FarLinX X25 Gateway through 2014-09-25 allows directory 
traversal via  ...)
-       TODO: check
+       NOT-FOR-US: FarLinX X25 Gateway
 CVE-2014-7173 (FarLinX X25 Gateway through 2014-09-25 allows command injection 
via sh ...)
-       TODO: check
+       NOT-FOR-US: FarLinX X25 Gateway
 CVE-2014-7172
        RESERVED
 CVE-2014-7171



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/126ca322a7f549e49e1d06b41d6238f1b76e659f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/126ca322a7f549e49e1d06b41d6238f1b76e659f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to