Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce145e25 by Salvatore Bonaccorso at 2026-01-22T22:43:59+01:00
Add CVE-2025-71176/pytest
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -321,7 +321,10 @@ CVE-2026-0534 (A maliciously crafted HTML payload, stored
in a part\u2019s attri
CVE-2026-0533 (A maliciously crafted HTML payload in a design name, when
displayed du ...)
NOT-FOR-US: Autodesk
CVE-2025-71176 (pytest through 9.0.2 on UNIX relies on directories with the
/tmp/pytes ...)
- TODO: check
+ - pytest <unfixed> (unimportant)
+ NOTE: https://github.com/pytest-dev/pytest/issues/13669
+ NOTE: https://www.openwall.com/lists/oss-security/2026/01/21/5
+ NOTE: Neutralised by kernel hardening (fs.protected_symlinks = 1)
CVE-2025-70899 (PHPgurukul Online Course Registration v3.1 lacks Cross-Site
Request Fo ...)
NOT-FOR-US: PHPGurukul
CVE-2025-69828 (File Upload vulnerability in TMS Global Software TMS
Management Consol ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce145e251613879ba5060c35b57e9fcdb152fae3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce145e251613879ba5060c35b57e9fcdb152fae3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
