Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6be1823c by Moritz Muehlenhoff at 2025-06-11T10:26:59+02:00
bookworm triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -522,6 +522,7 @@ CVE-2024-1243 (Improper input validation in the Wazuh agent
for Windows prior to
TODO: check
CVE-2025-5986
- thunderbird <unfixed>
+ [bookworm] - thunderbird <postponed> (Minor issue, fix along with June
update)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-49/#CVE-2025-5986
CVE-2025-49710
- firefox 139.0.4-1
@@ -956,6 +957,7 @@ CVE-2023-48786 (A server-side request forgery vulnerability
[CWE-918] in Fortine
NOT-FOR-US: Fortinet
CVE-2025-49133 (Libtpms is a library that targets the integration of TPM
functionality ...)
- libtpms <unfixed> (bug #1107617)
+ [bookworm] - libtpms <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/stefanberger/libtpms/commit/9f9baccdba9cd3fc32f1355613abd094b21f7ba0
(v0.9.7)
CVE-2025-5952 (A vulnerability, which was classified as critical, has been
found in Z ...)
NOT-FOR-US: Zend.To
@@ -997,9 +999,11 @@ CVE-2025-5900 (A vulnerability, which was classified as
problematic, was found i
NOT-FOR-US: Tenda
CVE-2025-5899 (A vulnerability classified as critical was found in GNU PSPP
82fb509fb ...)
- pspp <unfixed>
+ [bookworm] - pspp <no-dsa> (Minor issue)
NOTE: https://savannah.gnu.org/bugs/index.php?67072
CVE-2025-5898 (A vulnerability classified as critical has been found in GNU
PSPP 82fb ...)
- pspp <unfixed>
+ [bookworm] - pspp <no-dsa> (Minor issue)
NOTE: https://savannah.gnu.org/bugs/index.php?67071
CVE-2025-5897 (A vulnerability was found in vuejs vue-cli up to 5.0.8. It has
been ra ...)
NOT-FOR-US: vue-cli
@@ -2936,7 +2940,9 @@ CVE-2025-36564 (Dell Encryption Admin Utilities versions
prior to 11.10.2 contai
NOT-FOR-US: Dell / EMC
CVE-2025-35036 (Hibernate Validator before 6.2.0 and 7.0.0, by default and
depending h ...)
- libhibernate-validator-java <unfixed> (bug #1107517)
+ [bookworm] - libhibernate-validator-java <ignored> (Minor issue, only
changes the default behaviour, no security issue by itself)
- libhibernate-validator4-java <unfixed> (bug #1107518)
+ [bookworm] - libhibernate-validator4-java <ignored> (Minor issue, only
changes the default behaviour, no security issue by itself)
NOTE: https://hibernate.atlassian.net/browse/HV-1816
NOTE: https://github.com/hibernate/hibernate-validator/pull/1138
NOTE:
https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e
(7.0.0.CR1)
=====================================
data/dsa-needed.txt
=====================================
@@ -30,6 +30,8 @@ gst-plugins-bad1.0 (jmm)
--
jpeg-xl
--
+konsole (jmm)
+--
libreswan
Waiting on feedback from maintainer
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6be1823c25a7e1da34828fd91a2c2c34bf8d886d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6be1823c25a7e1da34828fd91a2c2c34bf8d886d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
