[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for tomcat issues

Fri, 11 Jul 2025 07:53:50 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
37ef9348 by Salvatore Bonaccorso at 2025-07-11T16:52:56+02:00
Add Debian bug reference for tomcat issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -191,8 +191,8 @@ CVE-2025-53549 (The Matrix Rust SDK is a collection of 
libraries that make it ea
 CVE-2025-53542 (Headlamp is an extensible Kubernetes web UI. A command 
injection vulne ...)
        NOT-FOR-US: Headlamp
 CVE-2025-53506 (Uncontrolled Resource Consumption vulnerability in Apache 
Tomcat if an ...)
-       - tomcat11 <unfixed>
-       - tomcat10 <unfixed>
+       - tomcat11 <unfixed> (bug #1109113)
+       - tomcat10 <unfixed> (bug #1109114)
        - tomcat9 9.0.70-2
        NOTE: Starting with 9.0.70-2 src:tomcat9 no longer ships the server 
stack, using that as the fixed version
        NOTE: 
https://github.com/apache/tomcat/commit/be8f330f83ceddaf3baeed57522e571572b6b99b
 (11.0.9)
@@ -214,8 +214,8 @@ CVE-2025-52837 (Trend Micro Password Manager (Consumer) 
version 5.8.0.1327 and b
 CVE-2025-52521 (Trend Micro Security 17.8 (Consumer) is vulnerable to a link 
following ...)
        NOT-FOR-US: Trend Micro
 CVE-2025-52520 (For some unlikely configurations of multipart upload, an 
Integer Overf ...)
-       - tomcat11 <unfixed>
-       - tomcat10 <unfixed>
+       - tomcat11 <unfixed> (bug #1109111)
+       - tomcat10 <unfixed> (bug #1109112)
        - tomcat9 9.0.70-2
        NOTE: Starting with 9.0.70-2 src:tomcat9 no longer ships the server 
stack, using that as the fixed version
        NOTE: 
https://github.com/apache/tomcat/commit/a51e4bedccfafd35b7cdd0ee3e22267dee9f90db
 (11.0.9)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37ef93480df837b68fdfa05b6c5d9217c1c8f8ee

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37ef93480df837b68fdfa05b6c5d9217c1c8f8ee
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to