[Git][security-tracker-team/security-tracker][master] 2 commits: dla: add python-django

Thu, 08 May 2025 23:34:32 -0700 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
af07a90e by Sylvain Beucler at 2025-05-09T08:32:56+02:00
dla: add python-django

- - - - -
5628d4cf by Sylvain Beucler at 2025-05-09T08:33:43+02:00
CVE-2025-47256/libxmp: follow stable triage

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1010,6 +1010,7 @@ CVE-2025-47417 (Exposure of Sensitive Information to an 
Unauthorized Actor vulne
 CVE-2025-47256 (Libxmp through 4.6.2 has a stack-based buffer overflow in 
depack_pha i ...)
        - libxmp 4.6.2-2
        [bookworm] - libxmp <no-dsa> (Minor issue)
+       [bullseye] - libxmp <postponed> (Minor issue)
        NOTE: https://github.com/libxmp/libxmp/issues/847
        NOTE: https://github.com/libxmp/libxmp/pull/848
        NOTE: Fixed by: 
https://github.com/libxmp/libxmp/commit/004a102c5a75ad809fc309ff73ce8d0f9ab3e456


=====================================
data/dla-needed.txt
=====================================
@@ -341,6 +341,11 @@ php-twig
   NOTE: 20250209: Added by Front-Desk (apo)
   NOTE: 20250209: Vulnerable code is in 
src/Node/Expression/NullCoalesceExpression.php (apo)
 --
+python-django
+  NOTE: 20250507: Added by Front-Desk (Beuc)
+  NOTE: 20250507: Added on request from lamby about CVE-2025-32873.
+  NOTE: 20250507: Many postponed vulnerabilities to fix as well 
(Beuc/front-desk)
+--
 python-flask-cors (dleidert)
   NOTE: 20250422: Added by Front-Desk (rouca)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b9bbd19688cc05609a317483e0c656c18af78f41...5628d4cf6f5b376251ffc94573706aa161356266

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b9bbd19688cc05609a317483e0c656c18af78f41...5628d4cf6f5b376251ffc94573706aa161356266
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to