Bastien Roucariès pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1d5f791d by Bastien Roucariès at 2025-03-09T11:34:39+00:00
CVE-2025-22870
Add description lacking on CVEs and CNA
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1059,6 +1059,8 @@ CVE-2025-22870
NOTE: https://github.com/golang/go/issues/71984
NOTE: Fixed by:
https://github.com/golang/go/commit/334de7982f8ec959c74470dd709ceedfd6dbd50a
(go1.24.1)
NOTE: Fixed by:
https://github.com/golang/go/commit/25177ecde0922c50753c043579d17828b7ee88e7
(go1.23.7)
+ NOTE: Matching of hosts against proxy patterns could improperly treat
an IPv6 zone ID as a hostname component.
+ NOTE: For example, when the NO_PROXY environment variable was set to
"*.example.com", a request to "[::1%25.example.com]:80` would incorrectly match
and not be proxied.
CVE-2025-1923 (Inappropriate implementation in Permission Prompts in Google
Chrome pr ...)
{DSA-5875-1}
- chromium 134.0.6998.35-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d5f791d005926a07e6546d299235274558e7b88
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d5f791d005926a07e6546d299235274558e7b88
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
