[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Sun, 23 Aug 2020 13:57:43 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b56e9894 by Moritz Muehlenhoff at 2020-08-23T22:53:29+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -36803,9 +36803,9 @@ CVE-2020-8914
 CVE-2020-8913 (A local, arbitrary code execution vulnerability exists in the 
SplitCom ...)
        NOT-FOR-US: Android's Play Core Library
 CVE-2020-8912 (A vulnerability in the in-band key negotiation exists in the 
AWS S3 Cr ...)
-       TODO: check
+       NOT-FOR-US: AWS S3 Crypto SDK for Go
 CVE-2020-8911 (A padding oracle vulnerability exists in the AWS S3 Crypto SDK 
for GoL ...)
-       TODO: check
+       NOT-FOR-US: AWS S3 Crypto SDK for Go
 CVE-2020-8910 (A URL parsing issue in goog.uri of the Google Closure Library 
versions ...)
        NOT-FOR-US: Google Closure Library
 CVE-2020-8909
@@ -41420,7 +41420,7 @@ CVE-2020-7020
 CVE-2020-7019 (In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure 
flaw was f ...)
        - elasticsearch <removed>
 CVE-2020-7018 (Elastic Enterprise Search before 7.9.0 contain a credential 
exposure f ...)
-       TODO: check
+       - elasticsearch <removed>
 CVE-2020-7017 (In Kibana versions before 6.8.11 and 7.8.1 the region map 
visualizatio ...)
        - kibana <itp> (bug #700337)
 CVE-2020-7016 (Kibana versions before 6.8.11 and 7.8.1 contain a denial of 
service (D ...)
@@ -45395,11 +45395,11 @@ CVE-2020-5419
 CVE-2020-5418
        RESERVED
 CVE-2020-5417 (Cloud Foundry CAPI (Cloud Controller), versions prior to 
1.97.0, when  ...)
-       TODO: check
+       NOT-FOR-US: Cloud Foundry
 CVE-2020-5416 (Cloud Foundry Routing (Gorouter), versions prior to 0.204.0, 
when used ...)
-       TODO: check
+       NOT-FOR-US: Cloud Foundry
 CVE-2020-5415 (Concourse, versions prior to 6.3.1 and 6.4.1, in installations 
which u ...)
-       TODO: check
+       NOT-FOR-US: Councourse
 CVE-2020-5414 (VMware Tanzu Application Service for VMs (2.7.x versions prior 
to 2.7. ...)
        NOT-FOR-US: VMware
 CVE-2020-5413 (Spring Integration framework provides Kryo Codec 
implementations as an ...)
@@ -48743,7 +48743,7 @@ CVE-2020-4061 (In October from version 1.0.319 and 
before version 1.0.467, pasti
 CVE-2020-4060 (In LoRa Basics Station before 2.0.4, there is a Use After Free 
vulnera ...)
        NOT-FOR-US: LoRa Basics Station
 CVE-2020-4059 (In mversion before 2.0.0, there is a command injection 
vulnerability.  ...)
-       TODO: check
+       NOT-FOR-US: mversion
 CVE-2020-4058
        RESERVED
 CVE-2020-4057
@@ -60714,7 +60714,7 @@ CVE-2020-0561 (Improper initialization in the Intel(R) 
SGX SDK before v2.6.100.1
 CVE-2020-0560 (Improper permissions in the installer for the Intel(R) Renesas 
Electro ...)
        NOT-FOR-US: Intel
 CVE-2020-0559 (Insecure inherited permissions in some Intel(R) PROSet/Wireless 
WiFi p ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2020-0558 (Improper buffer restrictions in kernel mode driver for Intel(R) 
PROSet ...)
        NOT-FOR-US: Intel
 CVE-2020-0557 (Insecure inherited permissions in Intel(R) PROSet/Wireless WiFi 
produc ...)
@@ -60733,7 +60733,7 @@ CVE-2020-0556 (Improper access control in subsystem for 
BlueZ before version 5.5
        NOTE: Followup: 
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=35d8d895cd0b724e58129374beb0bb4a2edf9519
        NOTE: Followup: 
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=f2778f5877d20696d68a452b26e4accb91bfb19e
 CVE-2020-0555 (Improper input validation for some Intel(R) Wireless 
Bluetooth(R) prod ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2020-0554 (Race condition in software installer for some Intel(R) Wireless 
Blueto ...)
        NOT-FOR-US: Intel
 CVE-2020-0553 (Out-of-bounds read in kernel mode driver for some Intel(R) 
Wireless Bl ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b56e989427a2b772887e827d670f59c51046a8b4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b56e989427a2b772887e827d670f59c51046a8b4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to