Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d09bcd32 by Salvatore Bonaccorso at 2025-12-24T09:32:55+01:00
Add CVE-2025-68617/fluidsynth
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29,7 +29,13 @@ CVE-2025-68665 (LangChain is a framework for building
LLM-powered applications.
CVE-2025-68664 (LangChain is a framework for building agents and LLM-powered
applicati ...)
NOT-FOR-US: LangChain
CVE-2025-68617 (FluidSynth is a software synthesizer based on the SoundFont 2
specific ...)
- TODO: check
+ - fluidsynth <unfixed>
+ NOTE:
https://github.com/FluidSynth/fluidsynth/security/advisories/GHSA-ffw2-xvvp-39ch
+ NOTE: https://github.com/FluidSynth/fluidsynth/issues/1717
+ NOTE: https://github.com/FluidSynth/fluidsynth/issues/1728
+ NOTE: Fixed by:
https://github.com/FluidSynth/fluidsynth/commit/92f81cb3b8e02dcb78888bd4dfb9e61076c33c34
(v2.5.2)
+ NOTE: Fixed by:
https://github.com/FluidSynth/fluidsynth/commit/ca2f65dcfaff7f69e5bb9fee311798a6a35443e0
(v2.5.2)
+ NOTE: Fixed by:
https://github.com/FluidSynth/fluidsynth/commit/962b9946b5cb6b16f0c08b89dd1b7016d4fce886
(v2.5.2)
CVE-2025-66445 (Authorization bypass vulnerability in Hitachi Infrastructure
Analytics ...)
NOT-FOR-US: Hitachi
CVE-2025-66444 (Cross-site Scripting vulnerability in Hitachi Infrastructure
Analytics ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d09bcd320eb1b708a3c98292e26e8aa105676ce4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d09bcd320eb1b708a3c98292e26e8aa105676ce4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
