Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
02168f9f by Salvatore Bonaccorso at 2025-03-18T07:54:41+01:00
Add CVE-2025-29786/golang-github-antonmedv-expr
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -68,7 +68,10 @@ CVE-2025-29787 (`zip` is a zip library for rust which
supports reading and writi
NOTE: Fixed by:
https://github.com/zip-rs/zip2/commit/a2e062f37066c3b12860a32eb1cb44856cfb7afe
(v2.3.0)
TODO: check, might only be introduced in 1.3.0
CVE-2025-29786 (Expr is an expression language and expression evaluation for
Go. Prior ...)
- TODO: check
+ - golang-github-antonmedv-expr <unfixed>
+ NOTE: https://github.com/advisories/GHSA-93mq-9ffx-83m2
+ NOTE: https://github.com/expr-lang/expr/pull/762
+ NOTE: Fixed by:
https://github.com/expr-lang/expr/commit/0d19441454426d2f58edb22c31f3ba5f99c7a26e
(v1.17.0)
CVE-2025-29431 (Code-projects Online Class and Exam Scheduling System V1.0 is
vulnerab ...)
NOT-FOR-US: code-projects
CVE-2025-29430 (Code-projects Online Class and Exam Scheduling System V1.0 is
vulnerab ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02168f9fcca5f2c6f783b9681998405a3a214c2f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02168f9fcca5f2c6f783b9681998405a3a214c2f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
