[Git][security-tracker-team/security-tracker][master] 2 commits: Process two NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
28cc1de9 by Salvatore Bonaccorso at 2025-04-04T15:15:20+02:00
Process two NFUs

- - - - -
76f86226 by Salvatore Bonaccorso at 2025-04-04T15:15:22+02:00
Add one new assimp issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,9 +31,9 @@ CVE-2025-3204 (A vulnerability, which was classified as 
critical, has been found
 CVE-2025-3203 (A vulnerability classified as problematic was found in Tenda 
W18E 16.0 ...)
        NOT-FOR-US: Tenda
 CVE-2025-3202 (A vulnerability classified as critical has been found in 
ageerle ruoyi ...)
-       TODO: check
+       NOT-FOR-US: ageerle ruoyi-ai
 CVE-2025-3199 (A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and 
classifi ...)
-       TODO: check
+       NOT-FOR-US: ageerle ruoyi-ai
 CVE-2025-3198 (A vulnerability has been found in GNU Binutils 2.43/2.44 and 
classifie ...)
        - binutils <unfixed> (unimportant)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=32716
@@ -42,7 +42,9 @@ CVE-2025-3198 (A vulnerability has been found in GNU Binutils 
2.43/2.44 and clas
 CVE-2025-3197 (Versions of the package expand-object from 0.0.0 are vulnerable 
to Pro ...)
        TODO: check
 CVE-2025-3196 (A vulnerability, which was classified as critical, was found in 
Open A ...)
-       TODO: check
+       - assimp <unfixed>
+       NOTE: https://github.com/assimp/assimp/issues/6069
+       TODO: fixed upstream in master, need to identify upstream commit
 CVE-2025-3195 (A vulnerability, which was classified as critical, has been 
found in i ...)
        TODO: check
 CVE-2025-3194 (Versions of the package bigint-buffer from 0.0.0 are vulnerable 
to Buf ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/dcb266ba636f77166f98fc123ef421b80138ed2e...76f86226321f0fb63e9f56132365f7f87229f54b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/dcb266ba636f77166f98fc123ef421b80138ed2e...76f86226321f0fb63e9f56132365f7f87229f54b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits