Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
832e5b01 by Moritz Muehlenhoff at 2025-07-16T15:22:29+02:00
bookworm triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -70,9 +70,11 @@ CVE-2025-2799 (The WP Event Manager \u2013 Events Calendar, 
Registrations, Sell
        NOT-FOR-US: WordPress plugin
 CVE-2025-53906 (Vim is an open source, command line text editor. Prior to 
version 9.1. ...)
        - vim <unfixed> (bug #1109374)
+       [bookworm] - vim <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2025/07/15/2
 CVE-2025-53905 (Vim is an open source, command line text editor. Prior to 
version 9.1. ...)
        - vim <unfixed> (bug #1109374)
+       [bookworm] - vim <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2025/07/15/1
 CVE-2025-30761 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
        - openjdk-8 <unfixed>
@@ -98,6 +100,7 @@ CVE-2025-6971 (Use After Free vulnerability exists in the 
CATPRODUCT file readin
        NOT-FOR-US: Dassault Systemes
 CVE-2025-6965 (There exists a vulnerability in SQLite versions before 3.50.2 
where th ...)
        - sqlite3 <unfixed> (bug #1109379)
+       [bookworm] - sqlite3 <no-dsa> (Minor issue)
        NOTE: 
https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8
 CVE-2025-6558 (Insufficient validation of untrusted input in ANGLE and GPU in 
Google  ...)
        - chromium 138.0.7204.157-1
@@ -428,6 +431,7 @@ CVE-2025-3621 (Vulnerabilities* in ActADUR local server 
product, developed and m
        NOT-FOR-US: ActADUR
 CVE-2025-53643 (AIOHTTP is an asynchronous HTTP client/server framework for 
asyncio an ...)
        - python-aiohttp <unfixed> (bug #1109336)
+       [bookworm] - python-aiohttp <no-dsa> (Minor issue)
        NOTE: 
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-9548-qrrj-x5pj
        NOTE: 
https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a
 (v3.12.14)
 CVE-2025-7628 (A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up 
to 5fb ...)
@@ -501,11 +505,10 @@ CVE-2025-7588 (A vulnerability classified as critical has 
been found in PHPGuruk
 CVE-2025-7587 (A vulnerability was found in code-projects Online Appointment 
Booking  ...)
        NOT-FOR-US: code-projects
 CVE-2025-7519 (A flaw was found in polkit. When processing an XML policy with 
32 or m ...)
-       - policykit-1 <unfixed> (bug #1109334)
-       [bookworm] - policykit-1 <no-dsa> (Minor issue; needs high privilege 
account to place malicious policy file)
-       [bullseye] - policykit-1 <postponed> (Minor issue; needs high privilege 
account to place malicious policy file)
+       - policykit-1 <unfixed> (bug #1109334; unimportant)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2379675
        NOTE: Fixed by: 
https://github.com/polkit-org/polkit/commit/107d3801361b9f9084f78710178e683391f1d245
+       NOTE: Negligible security impact
 CVE-2025-53689 (Blind XXE Vulnerabilities in jackrabbit-spi-commons and 
jackrabbit-cor ...)
        - jackrabbit <unfixed> (bug #1109335)
        NOTE: https://lists.apache.org/thread/5pf9n76ny13pzzk765og2h3gxdxw7p24
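Review bot: the justification for downgrading this to "unimportant" is dropped in this hunk. The removed bookworm and bullseye lines explained "needs high privilege account to place malicious policy file", but the replacement line only says "(bug #1109334; unimportant)" and the new NOTE only says "Negligible security impact". Suggest carrying the reason into the NOTE, e.g. `NOTE: Negligible security impact, placing a malicious policy file requires a privileged account`, so the next triager can see why the severity was lowered without going through the file history.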
@@ -892,6 +895,7 @@ CVE-2025-53636 (Open OnDemand is an open-source HPC portal. 
Users can flood logs
 CVE-2025-24294 (The attack vector is a potential Denial of Service (DoS). The 
vulnerab ...)
        - ruby3.3 <unfixed> (bug #1109337)
        - ruby3.1 <removed>
+       [bookworm] - ruby3.1 <no-dsa> (Minor issue)
        - ruby2.7 <removed>
        NOTE: 
https://www.ruby-lang.org/en/news/2025/07/08/dos-resolv-cve-2025-24294/
        NOTE: 
https://github.com/ruby/resolv/commit/4c2f71b5e80826506f78417d85b38481c058fb25 
(v0.6.2)
@@ -1036,7 +1040,9 @@ CVE-2023-38327 (An issue was discovered in eGroupWare 
17.1.20190111. A User Enum
        - egroupware <removed>
 CVE-2025-48924 (Uncontrolled Recursion vulnerability in Apache Commons Lang.  
This iss ...)
        - libcommons-lang3-java <unfixed> (bug #1109125)
+       [bookworm] - libcommons-lang3-java <no-dsa> (Minor issue)
        - libcommons-lang-java <unfixed> (bug #1109126)
+       [bookworm] - libcommons-lang-java <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2025/07/11/1
 CVE-2025-7442 (The WPGYM - Wordpress Gym Management System plugin for 
WordPress is vu ...)
        NOT-FOR-US: WordPress plugin
@@ -1082,6 +1088,7 @@ CVE-2025-6068 (The FooGallery \u2013 Responsive Photo 
Gallery, Image Viewer, Jus
        NOT-FOR-US: WordPress plugin
 CVE-2025-5992 (When passing values outside of the expected range to 
QColorTransferGen ...)
        - qt6-base <unfixed> (bug #1109299)
+       [bookworm] - qt6-base <no-dsa> (Minor issue)
        NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/647919
        NOTE: 
https://github.com/qt/qtbase/commit/f12d046383decf8f468de62732c9cff7d4303cbf
 CVE-2025-5530 (The WPC Smart Compare for WooCommerce plugin for WordPress is 
vulnerab ...)
@@ -3696,14 +3703,14 @@ CVE-2025-49867 (Incorrect Privilege Assignment 
vulnerability in InspiryThemes Re
 CVE-2025-49866 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-49809 (mtr through 0.95, in certain privileged contexts, mishandles 
execution ...)
-       - mtr <unfixed>
-       [bullseye] - mtr <postponed> (Minor issue, unlikely scenario for Debian)
+       - mtr <unfixed> (unimportant)
        NOTE: In Debian, mtr runs unprivileged and exec-s mtr-packet (or 
env[MTR_PACKAGE])
        NOTE: which has cap_net_raw.
        NOTE: Mitigation: if running mtr through sudo (typically MacOSX), 
requires
        NOTE: touching /etc/mtr.is.run.under.sudo to disable ENV[MTR_PACKET] 
fallback.
        NOTE: Fixed by: 
https://github.com/traviscross/mtr/commit/5226f105f087c29d3cfad9f28000e7536af91ac6
        NOTE: Introduced by: 
https://github.com/traviscross/mtr/commit/fcda9e8b82ca354049fa0ee9cfcb2eaaae623ee0
 (v0.88)
+       NOTE: Negligible security impact on Debian
 CVE-2025-49601 (In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key 
does not  ...)
        - mbedtls 3.6.4-1 (bug #1108788)
        [bookworm] - mbedtls <not-affected> (Vulnerable code not present)
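Review bot: the unchanged context lines disagree with each other about the environment variable name: one NOTE says "env[MTR_PACKAGE]" and the one two lines later says "ENV[MTR_PACKET]". One of these is a typo and, since the entry is being re-annotated here anyway, it is worth fixing in the same commit. The dropped bullseye reason ("unlikely scenario for Debian") is otherwise adequately covered by the NOTEs describing the unprivileged mtr plus cap_net_raw mtr-packet split and by the new "Negligible security impact on Debian" line.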
@@ -4556,6 +4563,7 @@ CVE-2025-52891 (ModSecurity is an open source, cross 
platform web application fi
        NOTE: Fixed by: 
https://github.com/owasp-modsecurity/ModSecurity/commit/8879413abf507b1921f6feb292ee91e0f0064b01
 (v2.9.11)
 CVE-2025-52886 (Poppler is a PDF rendering library. Versions prior to 25.06.0 
use `std ...)
        - poppler <unfixed> (bug #1108784)
+       [bookworm] - poppler <no-dsa> (Minor issue)
        [bullseye] - poppler <postponed> (Minor issue)
        NOTE: https://securitylab.github.com/advisories/GHSL-2025-054_poppler/
        NOTE: https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581
@@ -5179,10 +5187,12 @@ CVE-2025-53076 (Improper Input Validation vulnerability 
in Samsung Open Source r
        NOTE: Fxied by: 
https://github.com/Samsung/rlottie/commit/36ddb42d78d1b13c1b1d7e1699aef8a9f339ab6f
 CVE-2025-53075 (Improper Input Validation vulnerability in Samsung Open Source 
rLottie ...)
        - rlottie <unfixed> (bug #1109341)
+       [bookworm] - rlottie <no-dsa> (Minor issue)
        NOTE: https://github.com/Samsung/rlottie/pull/571
        NOTE: 
https://github.com/Samsung/rlottie/commit/507ea027e47d3e1dc7ddbd9994621215eae7ebb9
 CVE-2025-53074 (Out-of-bounds Read vulnerability in Samsung Open Source 
rLottie allows ...)
        - rlottie <unfixed> (bug #1109341)
+       [bookworm] - rlottie <no-dsa> (Minor issue)
        NOTE: https://github.com/Samsung/rlottie/pull/571
        NOTE: 
https://github.com/Samsung/rlottie/commit/507ea027e47d3e1dc7ddbd9994621215eae7ebb9
 CVE-2025-46014 (Several services in Honor Device Co., Ltd Honor PC Manager 
v16.0.0.118 ...)
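Review bot: the context line at the top of this hunk for CVE-2025-53076 reads "NOTE: Fxied by:"; a typo worth correcting while the neighbouring rlottie entries are being annotated. The two new bookworm lines are consistent with each other and with the shared bug #1109341.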
@@ -5209,6 +5219,7 @@ CVE-2025-38087 (In the Linux kernel, the following 
vulnerability has been resolv
        NOTE: 
https://git.kernel.org/linus/b160766e26d4e2e2d6fe2294e0b02f92baefcec5 (6.16-rc3)
 CVE-2025-0634 (Use After Free vulnerability in Samsung Open Source rLottie 
allows Rem ...)
        - rlottie <unfixed> (bug #1109341)
+       [bookworm] - rlottie <no-dsa> (Minor issue)
        NOTE: https://github.com/Samsung/rlottie/pull/571
        NOTE: 
https://github.com/Samsung/rlottie/commit/507ea027e47d3e1dc7ddbd9994621215eae7ebb9
 CVE-2015-20112 (RLPx 5 has two CTR streams based on the same key, IV, and 
nonce. This  ...)
@@ -5255,6 +5266,7 @@ CVE-2025-6854 (A vulnerability classified as problematic 
was found in chatchat-s
        NOT-FOR-US: Langchain-Chatchat
 CVE-2025-5878 (A vulnerability was found in ESAPI esapi-java-legacy and 
classified as ...)
        - libowasp-esapi-java <unfixed> (bug #1109378)
+       [bookworm] - libowasp-esapi-java <no-dsa> (Minor issue)
        NOTE: 
https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512
 (esapi-2.7.0.0)
        NOTE: 
https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56
 (esapi-2.7.0.0)
 CVE-2025-24292 (A misconfigured query in UniFi Network (v9.1.120 and earlier) 
could al ...)
@@ -6190,6 +6202,7 @@ CVE-2025-6444 (ServiceStack GetErrorResponse Improper 
Input Validation NTLM Rela
        NOT-FOR-US: ServiceStack
 CVE-2025-6442 (Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. 
This vu ...)
        - ruby-webrick 1.9.1-1
+       [bookworm] - ruby-webrick <no-dsa> (Minor issue)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-414/
        NOTE: Fixed by: 
https://github.com/ruby/webrick/commit/ee60354bcb84ec33b9245e1d1aa6e1f7e8132101 
(v1.8.2)
 CVE-2025-5927 (The Everest Forms (Pro) plugin for WordPress is vulnerable to 
arbitrar ...)
@@ -6828,6 +6841,7 @@ CVE-2025-52937 (Vulnerability in PointCloudLibrary PCL 
(surface/src/3rdparty/ope
 CVE-2025-52936 (Improper Link Resolution Before File Access ('Link Following') 
vulnera ...)
        {DLA-4238-1}
        - sslh <unfixed> (bug #1108284)
+       [bookworm] - sslh <no-dsa> (Minor issue)
        NOTE: https://github.com/yrutschle/sslh/pull/494
        NOTE: Fixed by: 
https://github.com/yrutschle/sslh/commit/0fe9bd5a956a123342ff12352b25bff8025dac69
 (v2.2.2)
 CVE-2025-52935 (Integer Overflow or Wraparound vulnerability in dragonflydb 
dragonfly  ...)
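Review bot: this entry already carries {DLA-4238-1}, i.e. bullseye has a released fix for this issue, while bookworm is now tagged <no-dsa> (Minor issue). That is not contradictory, since no-dsa still allows a point-release update, but the annotation would be clearer if it said so rather than leaving the impression that the newer release is less covered than LTS; an existing LTS backport also makes a bookworm fix cheap to prepare.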
@@ -13738,6 +13752,7 @@ CVE-2025-47272 (The CE Phoenix eCommerce platform, 
starting in version 1.0.9.7 a
        NOT-FOR-US: CE Phoenix
 CVE-2025-46807 (A Allocation of Resources Without Limits or Throttling 
vulnerability i ...)
        - sslh <unfixed> (bug #1107213)
+       [bookworm] - sslh <no-dsa> (Minor issue)
        [bullseye] - sslh <ignored> (Minor issue; too intrusive to backport)
        NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1243122
        NOTE: Fixed by: 
https://github.com/yrutschle/sslh/commit/ff8206f7c8a47f901b78a1b78db5a4c788f6aa6f
 (v2.2.4)
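Review bot: the existing bullseye line marks this <ignored> with "too intrusive to backport", while the new bookworm line says only "Minor issue". If the v2.2.4 fix is too intrusive for bullseye it may well be for bookworm too; either note that the bookworm backport was judged feasible, or reuse the bullseye reason, so the two stable annotations do not appear to rest on different assessments of the same patch.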
@@ -26282,19 +26297,23 @@ CVE-2025-25228 (A SQL injection in VirtueMart 
component 1.0.0 - 4.4.7 for Joomla
        NOT-FOR-US: Joomla
 CVE-2025-43973 (An issue was discovered in GoBGP before 3.35.0. 
pkg/packet/rtr/rtr.go  ...)
        - gobgp 3.35.0-1
+       [bookworm] - gobgp <no-dsa> (Minor issue)
        [bullseye] - gobgp <postponed> (Limited support, minor issue, DoS, 
follow bookworm DSAs/point-releases)
        NOTE: Fixed by: 
https://github.com/osrg/gobgp/commit/5693c58a4815cc6327b8d3b6980f0e5aced28abe 
(v3.35.0)
 CVE-2025-43972 (An issue was discovered in GoBGP before 3.35.0. An attacker 
can cause  ...)
        - gobgp 3.35.0-1
+       [bookworm] - gobgp <no-dsa> (Minor issue)
        [bullseye] - gobgp <postponed> (Limited support, minor issue, DoS, 
follow bookworm DSAs/point-releases)
        NOTE: Fixed by: 
https://github.com/osrg/gobgp/commit/ca7383f450f7b296c5389feceef2467de5ab6e5a 
(v3.35.0)
 CVE-2025-43971 (An issue was discovered in GoBGP before 3.35.0. 
pkg/packet/bgp/bgp.go  ...)
        - gobgp 3.35.0-1
+       [bookworm] - gobgp <no-dsa> (Minor issue)
        [bullseye] - gobgp <not-affected> (Vulnerable code introduced later)
        NOTE: Fixed by: 
https://github.com/osrg/gobgp/commit/08a001e06d90e8bcc190084c66992f46f62c0986 
(v3.35.0)
        NOTE: Introduced by: 
https://github.com/osrg/gobgp/commit/c556ca4f8d6ed1d31a1a257af338abede79a321e 
(v3.11.0)
 CVE-2025-43970 (An issue was discovered in GoBGP before 3.35.0. 
pkg/packet/mrt/mrt.go  ...)
        - gobgp 3.35.0-1
+       [bookworm] - gobgp <no-dsa> (Minor issue)
        [bullseye] - gobgp <postponed> (Limited support, minor issue, DoS, 
follow bookworm DSAs/point-releases)
        NOTE: Fixed by: 
https://github.com/osrg/gobgp/commit/5153bafbe8dbe1a2f02a70bbf0365e98b80e47b0 
(v3.35.0)
 CVE-2025-43967 (libheif before 1.19.6 has a NULL pointer dereference in 
ImageItem_Grid ...)
@@ -59314,6 +59333,7 @@ CVE-2025-21312 (Windows Smart Card Reader Information 
Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2025-21311 (Windows NTLM V1 Elevation of Privilege Vulnerability)
        - squid 7.1-1
+       [bookworm] - squid <no-dsa> (Minor issue)
        NOTE: 7.1 removes the ntlm_smb_lm_auth module
 CVE-2025-21310 (Windows Digital Media Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
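Review bot: the NOTE says 7.1 addresses this by removing the ntlm_smb_lm_auth module rather than patching it, so "[bookworm] - squid <no-dsa> (Minor issue)" implicitly means the helper stays shipped in bookworm. The annotation would be more useful if it stated whether the module is expected to be dropped in a point release or simply left as is for the lifetime of bookworm, since a removal is a behaviour change for anyone still using that helper.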


=====================================
data/dsa-needed.txt
=====================================
@@ -30,7 +30,9 @@ frr
 gh
   Santiago Vila might work on preparing an update
 --
-gnutls28
+git
+--
+gnutls28 (jmm)
   Maintainer prepared updates
 --
 guix
@@ -40,15 +42,22 @@ jackson-core
 libreswan
   Waiting on feedback from maintainer
 --
+libxslt
+  We should wait until the patches are merged upstream
+--
 linux (carnil)
   Wait until more issues have piled up, though try to regulary rebase for point
   releases to more 6.1.y versions
 --
+mbedtls
+--
 netty
 --
 nodejs
   Bastien Roucaries (rouca) showed interest to prepare an update and is 
working on it
 --
+openjdk-17 (jmm)
+--
 opennds
   pinged maintainer, but no reply yet. should most probably be bumped to 10.x
 --
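Review bot: typo in the unchanged context under "linux (carnil)": "regulary" should be "regularly". The new libxslt entry's "We should wait until the patches are merged upstream" is the kind of status line that helps here; the new mbedtls and openjdk-17 (jmm) entries carry no status, which matches the file's convention for freshly added or just-claimed packages.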
@@ -56,11 +65,15 @@ pagure
 --
 pgpool2 (aron)
 --
+php8.2
+--
 php-laravel-framework
 --
 python-django
   Chris is working on it
 --
+redis
+--
 ruby-rack
 --
 ruby-saml



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/832e5b0170d7aab7383df5d4d3d8498ece41bb58



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits