two non issues

author: Moritz Mühlenhoff <jmm@debian.org> 2021-02-26 17:31:38 +0100
committer: Moritz Mühlenhoff <jmm@debian.org> 2021-02-26 17:31:38 +0100
commit: 8f3fd796ca012dbef3212e7c04890c875dfabad9 (patch)
tree: 53413f64ec86cb9f2b5646c01e25e7984c227445 /data/CVE/2020.list
parent: 6c17c7783a975e2ca36bbc36afcd51efb8189265 (diff)
1 files changed, 2 insertions, 7 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 97c19355ba..4f3ba8eedc 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -965,9 +965,7 @@ CVE-2020-35852 (Chatbox is affected by cross-site scripting (XSS). An attacker h
 CVE-2020-35851 (HGiga MailSherlock does not validate specific parameters properly. Att ...)
 	NOT-FOR-US: HGiga MailSherlock
 CVE-2020-35850 (** DISPUTED ** An SSRF issue was discovered in cockpit-project.org Coc ...)
-	- cockpit <unfixed>
-	[bullseye] - cockpit <ignored> (Minor issue)
-	[buster] - cockpit <ignored> (Minor issue)
+	NOTE: Bug disputed by upstream
 	NOTE: https://github.com/cockpit-project/cockpit/issues/15077
 CVE-2020-35849 (An issue was discovered in MantisBT before 2.24.4. An incorrect access ...)
 	- mantis <removed>
@@ -2203,10 +2201,7 @@ CVE-2020-35361
 CVE-2020-35360
 	RESERVED
 CVE-2020-35359 (Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server  ...)
-	- pure-ftpd <undetermined>
-	NOTE: https://www.exploit-db.com/exploits/49105 , seems bogus
-	NOTE: Issue mitigated by MaxClientsPerIP in pure-ftpd.conf configuration file
-CVE-2020-35358
+	NOTE: Bogus issue, can be configured using MaxClientsPerIP in pure-ftpd.conf configuration file
 	RESERVED
 CVE-2020-35357
 	RESERVED
author	Moritz Mühlenhoff <jmm@debian.org>	2021-02-26 17:31:38 +0100
committer	Moritz Mühlenhoff <jmm@debian.org>	2021-02-26 17:31:38 +0100
commit	8f3fd796ca012dbef3212e7c04890c875dfabad9 (patch)
tree	53413f64ec86cb9f2b5646c01e25e7984c227445 /data/CVE/2020.list
parent	6c17c7783a975e2ca36bbc36afcd51efb8189265 (diff)