Santiago R.R. pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f7a24a49 by Santiago Ruano Rincón at 2025-11-29T09:43:48-03:00
Mark tryton-server's temporary entry (#1121241) as not-affected in bullseye
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1180,7 +1180,7 @@ CVE-2025-XXXX [IDOR / Access Control Issue - Unauthorized
Access to User Signatu
- tryton-server 7.0.40-1 (bug #1121241)
[trixie] - tryton-server 7.0.30-1+deb13u1
[bookworm] - tryton-server 6.0.29-2+deb12u4
- [bullseye] - tryton-server 5.0.33-2+deb11u4
+ [bullseye] - tryton-server <not-affected> (Vulnerable code introduced
in 5.2.0)
NOTE: https://discuss.tryton.org/t/security-release-for-issue-14364/8952
NOTE: https://foss.heptapod.net/tryton/tryton/-/issues/14364
CVE-2025-XXXX [Information disclosure: unhandled KeyError returns full Python
stack trace for unknown fields in JSON-RPC (model.party.party.create)]
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7a24a49d5aeb255b02db2662a2057ab212ce56f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7a24a49d5aeb255b02db2662a2057ab212ce56f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
