[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Update code-projects rule to catch as well site subproducts

Thu, 03 Apr 2025 14:01:34 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8b507f8d by Salvatore Bonaccorso at 2025-04-03T23:00:15+02:00
auto-nfu: Update code-projects rule to catch as well site subproducts

- - - - -
ca23cf77 by Salvatore Bonaccorso at 2025-04-03T23:00:59+02:00
Update note for CVE-2025-29369

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -213,7 +213,7 @@ CVE-2025-29504 (Insecure Permission vulnerability in 
student-manage 1 allows a l
 CVE-2025-29462 (A buffer overflow vulnerability has been discovered in Tenda 
Ac15 V15. ...)
        NOT-FOR-US: Tenda
 CVE-2025-29369 (Code-Projects Matrimonial Site V1.0 is vulnerable to SQL 
Injection in  ...)
-       NOT-FOR-US: Code-Projects  Site
+       NOT-FOR-US: code-projects
 CVE-2025-29064 (An issue in TOTOLINK x18 v.9.1.0cu.2024_B20220329 allows a 
remote atta ...)
        NOT-FOR-US: TOTOLINK
 CVE-2025-26818 (Netwrix Password Secure through 9.2 allows command injection.)


=====================================
data/packages/nfu.yaml
=====================================
@@ -182,7 +182,7 @@
       - product: Microsoft Partner Center
 # Description based rules
 - reason: code-projects
-  description: '.*\b(?i:code-projects)\s.*\s(?i:system)\b.*'
+  description: '.*\b(?i:code-projects)\s.*\s(?i:(site|system))\b.*'
 - reason: Codezips
   description: '.*\b(?i:codezips)\s.*\s(?i:(system|website))\b.*'
 - reason: D-Link



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/40018bcae75c3648c81e1d142c8aaadfbd9a488f...ca23cf77cb69ab560b086526841059bc4d6eae7b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/40018bcae75c3648c81e1d142c8aaadfbd9a488f...ca23cf77cb69ab560b086526841059bc4d6eae7b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to