[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Wed, 24 Jun 2020 10:42:25 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
244948a8 by Moritz Muehlenhoff at 2020-06-24T19:41:22+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5256,7 +5256,7 @@ CVE-2020-12829
 CVE-2020-12828 (An issue was discovered in AnchorFree VPN SDK before 
1.3.3.218. The VP ...)
        NOT-FOR-US: AnchorFree VPN SDK
 CVE-2020-12827 (MJML prior to 4.6.3 contains a path traversal vulnerability 
when proce ...)
-       TODO: check
+       NOT-FOR-US: MJML
 CVE-2019-20796
        RESERVED
 CVE-2020-12826 (A signal access-control issue was discovered in the Linux 
kernel befor ...)
@@ -10647,28 +10647,24 @@ CVE-2020-11098 (In FreeRDP before version 2.1.2, 
there is an out-of-bound read i
        - freerdp2 <unfixed>
        [buster] - freerdp2 <no-dsa> (Minor issue)
        - freerdp <removed>
-       [buster] - freerdp <no-dsa> (Minor issue)
        [stretch] - freerdp <no-dsa> (Minor issue)
        NOTE: 
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jr57-f58x-hjmv
 CVE-2020-11097 (In FreeRDP before version 2.1.2, an out of bounds read occurs 
resultin ...)
        - freerdp2 <unfixed>
        [buster] - freerdp2 <no-dsa> (Minor issue)
        - freerdp <removed>
-       [buster] - freerdp <no-dsa> (Minor issue)
        [stretch] - freerdp <no-dsa> (Minor issue)
        NOTE: 
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f
 CVE-2020-11096 (In FreeRDP before version 2.1.2, there is a global OOB read in 
update_ ...)
        - freerdp2 <unfixed>
        [buster] - freerdp2 <no-dsa> (Minor issue)
        - freerdp <removed>
-       [buster] - freerdp <no-dsa> (Minor issue)
        [stretch] - freerdp <no-dsa> (Minor issue)
        NOTE: 
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x
 CVE-2020-11095 (In FreeRDP before version 2.1.2, an out of bound reads occurs 
resultin ...)
        - freerdp2 <unfixed>
        [buster] - freerdp2 <no-dsa> (Minor issue)
        - freerdp <removed>
-       [buster] - freerdp <no-dsa> (Minor issue)
        [stretch] - freerdp <no-dsa> (Minor issue)
        NOTE: 
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2
 CVE-2020-11094 (The October CMS debugbar plugin before version 3.1.0 contains 
a featur ...)
@@ -15067,7 +15063,7 @@ CVE-2020-9440 (A cross-site scripting (XSS) 
vulnerability in the WSC plugin thro
 CVE-2020-9439
        RESERVED
 CVE-2020-9438 (Tinxy Door Lock with firmware before 3.2 allow attackers to 
unlock a d ...)
-       TODO: check
+       NOT-FOR-US: Tinxy Door Lock
 CVE-2020-9437
        RESERVED
 CVE-2020-9436 (PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 
2002T-3G  ...)
@@ -15370,7 +15366,7 @@ CVE-2020-9334 (A stored XSS vulnerability exists in the 
Envira Photo Gallery plu
 CVE-2020-9333
        RESERVED
 CVE-2020-9332 (ftusbbus2.sys in FabulaTech USB for Remote Desktop through 
2020-02-19  ...)
-       TODO: check
+       NOT-FOR-US: FabulaTech
 CVE-2020-9331
        RESERVED
 CVE-2020-9330 (Certain Xerox WorkCentre printers before 073.xxx.000.02300 do 
not requ ...)
@@ -15470,7 +15466,7 @@ CVE-2020-9290 (An Unsafe Search Path vulnerability in 
FortiClient for Windows on
 CVE-2020-9289 (Use of a hard-coded cryptographic key to encrypt password data 
in CLI  ...)
        NOT-FOR-US: Fortiguard
 CVE-2020-9288 (An improper neutralization of input vulnerability in FortiWLC 
8.5.1 al ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2020-9287 (An Unsafe Search Path vulnerability in FortiClient EMS online 
installe ...)
        NOT-FOR-US: Fortiguard
 CVE-2020-9286 (An improper authorization vulnerability in FortiADC may allow a 
remote ...)
@@ -18266,7 +18262,7 @@ CVE-2020-8104
 CVE-2020-8103 (A vulnerability in the improper handling of symbolic links in 
Bitdefen ...)
        NOT-FOR-US: Bitdefender Antivirus Free
 CVE-2020-8102 (Improper Input Validation vulnerability in the Safepay browser 
compone ...)
-       TODO: check
+       NOT-FOR-US: Safepay
 CVE-2020-8101
        RESERVED
 CVE-2020-8100 (Improper Input Validation vulnerability in the cevakrnl.rv0 
module as  ...)
@@ -18721,7 +18717,7 @@ CVE-2020-7934 (In LifeRay Portal CE 7.1.0 through 
7.2.1, the First Name, Middle
 CVE-2020-7933
        RESERVED
 CVE-2020-7932 (OMERO.web before 5.6.3 optionally allows sensitive data 
elements (e.g. ...)
-       TODO: check
+       NOT-FOR-US: OMERO
 CVE-2020-7931 (In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template 
process ...)
        NOT-FOR-US: JFrog Artifactory
 CVE-2020-7930
@@ -18768,7 +18764,7 @@ CVE-2019-20411
 CVE-2019-20410
        RESERVED
 CVE-2019-20409 (The way in which velocity templates were used in Atlassian 
Jira Server ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2019-20408
        RESERVED
 CVE-2019-20407 (The ConfigureBambooRelease resource in Jira Software and Jira 
Software ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/244948a8a831d09e376c2605f34059c28aa1f4f9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/244948a8a831d09e376c2605f34059c28aa1f4f9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to