From 603c42415dde16dc382bb85dcb07497ab23c2ee1 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 1 Dec 2021 21:34:34 +0100
Subject: Associate some NFUs with the potential opennms source package

---
 data/CVE/2020.list | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'data/CVE/2020.list')

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 1099f35edd..9dfb61a30c 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -42571,7 +42571,7 @@ CVE-2020-12761 (modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer over
 	[jessie] - imlib2 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63
 CVE-2020-12760 (An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian ...)
-	NOT-FOR-US: OpenNMS
+	- opennms <itp> (bug #450615)
 CVE-2020-12759 (Zulip Server before 2.1.5 allows reflected XSS via the Dropbox webhook ...)
 	- zulip-server <itp> (bug #800052)
 CVE-2020-12758 (HashiCorp Consul and Consul Enterprise could crash when configured wit ...)
@@ -44877,7 +44877,7 @@ CVE-2020-11888 (python-markdown2 through 2.3.8 allows XSS because element names
 CVE-2020-11887 (svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an  ...)
 	NOT-FOR-US: svg2png
 CVE-2020-11886 (OpenNMS Horizon and Meridian allows HQL Injection in element/nodeList. ...)
-	NOT-FOR-US: OpenNMS
+	- opennms <itp> (bug #450615)
 CVE-2020-11885 (WSO2 Enterprise Integrator through 6.6.0 has an XXE vulnerability wher ...)
 	NOT-FOR-US: WSO2 Enterprise Integrator
 CVE-2020-11884 (In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code exec ...)
@@ -69114,7 +69114,7 @@ CVE-2020-1654 (On Juniper Networks SRX Series with ICAP (Internet Content Adapta
 CVE-2020-1653 (On Juniper Networks Junos OS devices, a stream of TCP packets sent to  ...)
 	NOT-FOR-US: Juniper
 CVE-2020-1652 (OpenNMS is accessible via port 9443 ...)
-	NOT-FOR-US: OpenNMS
+	- opennms <itp> (bug #450615)
 CVE-2020-1651 (On Juniper Networks MX series, receipt of a stream of specific Layer 2 ...)
 	NOT-FOR-US: Juniper
 CVE-2020-1650 (On Juniper Networks Junos MX Series with service card configured, rece ...)
-- 
cgit v1.2.3