Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6a08d79a by Salvatore Bonaccorso at 2025-07-04T21:06:01+02:00
Add reference for CVE-2025-4517
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9518,6 +9518,7 @@ CVE-2025-4517 (Allows arbitrary filesystem writes outside
the extraction directo
- python3.9 <not-affected> (Vulnerable code got backported to 3.9.17,
but dropped from sid with 3.9.13)
- python2.7 <not-affected> (Vulnerable code introduced in 3.12)
- jython <not-affected> (Vulnerable code introduced in 3.12)
+ NOTE:
https://github.com/google/security-research/security/advisories/GHSA-hgqp-3mmf-7h8f
NOTE: https://github.com/python/cpython/issues/135034
NOTE: https://github.com/python/cpython/pull/135037
NOTE:
https://mail.python.org/archives/list/[email protected]/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a08d79a2cb01767de7061662046597ea1117130
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a08d79a2cb01767de7061662046597ea1117130
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
