Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ab32d1b9 by Salvatore Bonaccorso at 2025-12-02T22:57:29+01:00
Add new chromium issues
- - - - -
f35de58d by Salvatore Bonaccorso at 2025-12-02T22:58:22+01:00
Add chromium to dsa-needed list
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -157,33 +157,46 @@ CVE-2025-13731 (The Nexter Extension \u2013 Site
Enhancements Toolkit plugin for
CVE-2025-13724 (The VikRentCar Car Rental Management System plugin for
WordPress is vu ...)
NOT-FOR-US: WordPress plugin
CVE-2025-13721 (Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a
remote at ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13720 (Bad cast in Loader in Google Chrome prior to 143.0.7499.41
allowed a r ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13658 (A vulnerability in Longwatch devices allows unauthenticated
HTTP GET r ...)
NOT-FOR-US: Industrial Video & Control
CVE-2025-13640 (Inappropriate implementation in Passwords in Google Chrome
prior to 14 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13639 (Inappropriate implementation in WebRTC in Google Chrome prior
to 143.0 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13638 (Use after free in Media Stream in Google Chrome prior to
143.0.7499.41 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13637 (Inappropriate implementation in Downloads in Google Chrome
prior to 14 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13636 (Inappropriate implementation in Split View in Google Chrome
prior to 1 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13635 (Inappropriate implementation in Downloads in Google Chrome
prior to 14 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13634 (Inappropriate implementation in Downloads in Google Chrome on
Windows ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13633 (Use after free in Digital Credentials in Google Chrome prior
to 143.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13632 (Inappropriate implementation in DevTools in Google Chrome
prior to 143 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13631 (Inappropriate implementation in Google Updater in Google
Chrome on Mac ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13630 (Type Confusion in V8 in Google Chrome prior to 143.0.7499.41
allowed a ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-13542 (The DesignThemes LMS plugin for WordPress is vulnerable to
Privilege E ...)
NOT-FOR-US: WordPress plugin
CVE-2025-13534 (The ELEX WordPress HelpDesk & Customer Ticketing System plugin
for Wor ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -15,6 +15,8 @@ If needed, specify the release by adding a slash after the
name of the source pa
amd64-microcode (carnil)
Coordinating with maintainer DSA/bookworm-pu and sync with mitgations in
src:linux
--
+chromium (dilinger)
+--
cpp-httplib
Maintainer preparing updates, waiting for feedback on bookworm status
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/74f45c9498430a367add79a4e2b1ea6984bbb1b8...f35de58df29f08439b83fe63c29a7db25f9ed382
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/74f45c9498430a367add79a4e2b1ea6984bbb1b8...f35de58df29f08439b83fe63c29a7db25f9ed382
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
