Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3a951256 by Salvatore Bonaccorso at 2025-02-19T23:08:41+01:00
Add new chromium issues
- - - - -
f74820cb by Salvatore Bonaccorso at 2025-02-19T23:09:33+01:00
Add chromium to dsa-needed list
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,7 +17,8 @@ CVE-2025-1465 (A vulnerability, which was classified as
problematic, was found i
CVE-2025-1464 (A vulnerability, which was classified as critical, has been
found in B ...)
NOT-FOR-US: Baiyi Cloud Asset Management System
CVE-2025-1426 (Heap buffer overflow in GPU in Google Chrome on Android prior
to 133.0 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-1135 (A vulnerability exists in ChurchCRM5.13.0. and prior that
allows an at ...)
NOT-FOR-US: ChurchCRM
CVE-2025-1134 (A vulnerability exists in ChurchCRM5.13.0 and prior that allows
an att ...)
@@ -33,9 +34,11 @@ CVE-2025-1024 (A vulnerability exists in ChurchCRM
5.13.0that allows an attacker
CVE-2025-1007 (In OpenVSX version v0.9.0 to v0.20.0, the
/user/namespace/{namespace} ...)
TODO: check
CVE-2025-1006 (Use after free in Network in Google Chrome prior to
133.0.6943.126 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-0999 (Heap buffer overflow in V8 in Google Chrome prior to
133.0.6943.126 al ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-0968 (The ElementsKit Elementor addons plugin for WordPress is
vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2025-0916 (The YaySMTP and Email Logs: Amazon SES, SendGrid, Outlook,
Mailgun, Br ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -11,6 +11,8 @@ To pick an issue, simply add your uid behind it.
If needed, specify the release by adding a slash after the name of the source
package.
+--
+chromium (dilinger)
--
fort-validator
probably best to bump bookworm to current upstream
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/03f92f007ee529f891af0f685e62d9a6ce694c3f...f74820cbd2fc6892f8c91ec0aca64652d6c0e5f9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/03f92f007ee529f891af0f685e62d9a6ce694c3f...f74820cbd2fc6892f8c91ec0aca64652d6c0e5f9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
