Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e37ab262 by Salvatore Bonaccorso at 2025-04-30T22:26:25+02:00
Remove CVEs which initially were assigned for fig2dev issues
They were not security issues so the CVE rejected and the fixes count as
just to be bugfixes (and still worth applying in stable update).
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1373,33 +1373,12 @@ CVE-2025-46417 (The unsafe globals in Picklescan before
0.0.25 do not include ss
NOT-FOR-US: Picklescan
CVE-2025-46400
REJECTED
- {DLA-4147-1}
- - fig2dev 1:3.2.9a-3
- [bookworm] - fig2dev <no-dsa> (Minor issue)
- NOTE: https://sourceforge.net/p/mcj/tickets/187/
- NOTE: Fixed by:
https://sourceforge.net/p/mcj/fig2dev/ci/1e5515a1ea2ec8651cf85ab5000d026bb962492a/
- NOTE: Fixed by:
https://sourceforge.net/p/mcj/fig2dev/ci/c4465e0d9af89d9738aad31c2d0873ac1fa03c96/
CVE-2025-46399
REJECTED
- {DLA-4147-1}
- - fig2dev 1:3.2.9a-4
- [bookworm] - fig2dev <no-dsa> (Minor issue)
- NOTE: https://sourceforge.net/p/mcj/tickets/190/
- NOTE: Fixed by:
https://sourceforge.net/p/mcj/fig2dev/ci/2bd6c0b210916d0d3ca81f304535b5af0849aa93/
CVE-2025-46398
REJECTED
- {DLA-4147-1}
- - fig2dev 1:3.2.9a-4
- [bookworm] - fig2dev <no-dsa> (Minor issue)
- NOTE: https://sourceforge.net/p/mcj/tickets/191/
- NOTE: Fixed by:
https://sourceforge.net/p/mcj/fig2dev/ci/5f22009dba73922e98d49c0096cece8b215cd45b/
CVE-2025-46397
REJECTED
- {DLA-4147-1}
- - fig2dev 1:3.2.9a-4
- [bookworm] - fig2dev <no-dsa> (Minor issue)
- NOTE: https://sourceforge.net/p/mcj/tickets/192/
- NOTE: Fixed by:
https://sourceforge.net/p/mcj/fig2dev/ci/dfa8b661b506a463a669754ed635b0a8eb67580e/
CVE-2025-46381
REJECTED
CVE-2025-46380
=====================================
data/DLA/list
=====================================
@@ -2,7 +2,6 @@
{CVE-2025-29769}
[bullseye] - vips 8.10.5-2+deb11u1
[30 Apr 2025] DLA-4147-1 fig2dev - security update
- {CVE-2025-46397 CVE-2025-46398 CVE-2025-46399 CVE-2025-46400}
[bullseye] - fig2dev 1:3.2.8-3+deb11u3
[30 Apr 2025] DLA-4146-1 libxml2 - security update
{CVE-2025-32414 CVE-2025-32415}
=====================================
data/next-point-update.txt
=====================================
@@ -150,14 +150,6 @@ CVE-2023-28755
[bookworm] - rubygems 3.3.15-2+deb12u1
CVE-2025-32728
[bookworm] - openssh 1:9.2p1-2+deb12u6
-CVE-2025-46397
- [bookworm] - fig2dev 1:3.2.8b-3+deb12u2
-CVE-2025-46398
- [bookworm] - fig2dev 1:3.2.8b-3+deb12u2
-CVE-2025-46399
- [bookworm] - fig2dev 1:3.2.8b-3+deb12u2
-CVE-2025-46400
- [bookworm] - fig2dev 1:3.2.8b-3+deb12u2
CVE-2025-32776
[bookworm] - openrazer 3.5.1+dfsg-2+deb12u1
CVE-2023-34872
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e37ab262193e1e30363380e33db5aad25dffad32
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e37ab262193e1e30363380e33db5aad25dffad32
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
