Your message dated Sat, 13 Jun 2026 13:54:33 +0000
with message-id <[email protected]>
and subject line Bug#1121443: fixed in skanpage 25.04.2-1+deb13u1
has caused the Debian Bug report #1121443,
regarding skanpage: CVE-2025-55174
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1121443: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121443
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: skanpage
Version: 25.04.2-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for skanpage.
CVE-2025-55174[0]:
| In KDE Skanpage before 25.08.0, an attempt at file overwrite can
| result in the contents of the new file at the beginning followed by
| the partial contents of the old file at the end, because of use of
| QIODevice::ReadWrite instead of QODevice::WriteOnly.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-55174
https://www.cve.org/CVERecord?id=CVE-2025-55174
[1] https://kde.org/info/security/advisory-20250811-1.txt
[2] https://commits.kde.org/skanpage/19308900da27b46739f2360426b91479e7179a2f
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: skanpage
Source-Version: 25.04.2-1+deb13u1
Done: Moritz Mühlenhoff <[email protected]>
We believe that the bug you reported is fixed in the latest version of
skanpage, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Moritz Mühlenhoff <[email protected]> (supplier of updated skanpage package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 08 Jun 2026 23:01:32 +0200
Source: skanpage
Architecture: source
Version: 25.04.2-1+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers <[email protected]>
Changed-By: Moritz Mühlenhoff <[email protected]>
Closes: 1121443
Changes:
skanpage (25.04.2-1+deb13u1) trixie; urgency=medium
.
* CVE-2025-55174 (Closes: #1121443)
Checksums-Sha1:
6b5b5ad2256936549ee99ba647879513743d3d44 3006 skanpage_25.04.2-1+deb13u1.dsc
636da2fd2c49f3d803653965a82fdd0b7f2eea4e 13764
skanpage_25.04.2-1+deb13u1.debian.tar.xz
2acfa957be5274a86f8b311a56e64ce9d799a09a 28435
skanpage_25.04.2-1+deb13u1_amd64.buildinfo
Checksums-Sha256:
682c84bc13d234fa00dee5718a06d06707447eebf8c39b70cc10e4b14ca9550e 3006
skanpage_25.04.2-1+deb13u1.dsc
563bbdce621bc90e0efca80bcab9e0fb16761ad4d3cc3dd072e089e56321ea17 13764
skanpage_25.04.2-1+deb13u1.debian.tar.xz
f4f089bafea0a0f321f53ba801dc34220549f5af18952ab77c7c3d32a442a171 28435
skanpage_25.04.2-1+deb13u1_amd64.buildinfo
Files:
ea1e5724a98fc6fa7bac7ef28c24049f 3006 kde optional
skanpage_25.04.2-1+deb13u1.dsc
adcdcca25ceee9523ac6957a0729a092 13764 kde optional
skanpage_25.04.2-1+deb13u1.debian.tar.xz
6d60187faf8697e49582c7cac2193cb4 28435 kde optional
skanpage_25.04.2-1+deb13u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmosL1AACgkQEMKTtsN8
TjbDiBAAju2UVTPQmqEtgN0C3De33Oqut4v31pCIg3z2VRCuHxwGjjVRvUwJ6P6a
3h6GJgImpkNsCF1tZYuUJs9Y711/4l2WCnBq0FjWYrfrNXL+v5uLQQkAGFXIDMqT
Fp9rutPfGf5T7mdDsJAcNlqvHtop5dyKK+mrzvlWx1KB/JXkZkWJHYt2KcqZrpfo
Lru22cSv657cehm+2KFiEQz/qZhFm1CKBotfgR9F+/mZNHl6UUhVzPCc40rLPA9v
GlS7/9tQ0BpPDMPMcVbgJpMbEZRsSXCwYu6tK02hy5FhMBNyHUMgUV22PE16qHHE
0G/Ea7s4wWqAvCKGb5Ec7JU9ahMGKU2tNgiUZkqTvcHiu1mE9bnh85+KzqZt3I5V
YVvsV6lKyHtXBYfqD/SUJNbmAxsi7l69e1hjEsVXuDbvLSdhJWwTFz4P69jc4p+m
qv9RFcfRLrStliVSnNt3cdyVRxgQ0f5BGhptaxTetP1jXPeNhFKWEA/5HqBarVVg
cz8wDOjqSM2Qk0tk0F68Dzc08H4J2KFsAK7j41apYIeAqhs6toxjvy+KyrJWZ0eU
9r/W28G5+P74bbQpfbKt9d0Ch65z0TesX+mwhvkXRQ6brJAlFjrRL46qoBv7M4+d
wb5grXvjus1Z2QnxvFVUHVXdJc1tSIHfTEYlEe2BBm+WbPgGtrg=
=U6N0
-----END PGP SIGNATURE-----
pgpZSO6Kvmyu2.pgp
Description: PGP signature
--- End Message ---
