[Git][security-tracker-team/security-tracker][master] new nsis issue, bugnums

Fri, 18 Apr 2025 09:12:04 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1a76ae82 by Moritz Muehlenhoff at 2025-04-18T18:11:37+02:00
new nsis issue, bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -722,7 +722,9 @@ CVE-2020-36789 (In the Linux kernel, the following 
vulnerability has been resolv
 CVE-2025-43717 (In PEAR HTTP_Request2 before 2.7.0, multiple files in the 
tests direct ...)
        NOT-FOR-US: PEAR HTTP_Request2
 CVE-2025-43715 (Nullsoft Scriptable Install System (NSIS) before 3.11 on 
Windows allow ...)
-       TODO: check
+       - nsis <unfixed> (bug #1103524)
+       NOTE: https://sourceforge.net/p/nsis/bugs/1315/
+       NOTE: https://nsis.sourceforge.io/Docs/AppendixF.html#v3.11-rl
 CVE-2025-43708 (VisiCut 2.1 allows stack consumption via an XML document with 
nested s ...)
        NOT-FOR-US: VisiCut
 CVE-2025-43704 (Arctera/Veritas Data Insight before 7.1.2 can send cleartext 
credentia ...)
@@ -2320,9 +2322,8 @@ CVE-2025-3589 (A vulnerability, which was classified as 
critical, was found in S
 CVE-2025-3588 (A vulnerability, which was classified as problematic, has been 
found i ...)
        NOT-FOR-US: joelittlejohn jsonschema2pojo
 CVE-2025-3576 (A vulnerability in the MIT Kerberos implementation allows 
GSSAPI-prote ...)
-       - krb5 <unfixed>
+       - krb5 <unfixed> (bug #1103525)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2359465
-       TODO: check upstream details
 CVE-2025-3573 (Versions of the package jquery-validation before 1.20.0 are 
vulnerable ...)
        - civicrm <unfixed> (bug #1103445)
        NOTE: https://github.com/jquery-validation/jquery-validation/pull/2462



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a76ae82b714f832b2c7d454fb3100d5de0fd998

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a76ae82b714f832b2c7d454fb3100d5de0fd998
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to