[Git][security-tracker-team/security-tracker][master] CVE-2025--32049: Drop reference to not yet merged commit

Sun, 27 Apr 2025 13:13:36 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
22ff9009 by Salvatore Bonaccorso at 2025-04-27T22:12:56+02:00
CVE-2025--32049: Drop reference to not yet merged commit

REference instead the current MR which handles to address the fix and
retain the note added by Andreas Henriksson about what the proposed fix
is aiming to do.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7103,9 +7103,9 @@ CVE-2025-32049 (A flaw was found in libsoup. The 
SoupWebsocketConnection may acc
        - libsoup3 <unfixed> (bug #1102067)
        - libsoup2.4 <unfixed> (bug #1102211)
        NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/390
-       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/libsoup/-/commit/5a83501544a7ff180a5f3490192a280252cd7d04
-       NOTE: The fix commit above is not merged, just proposed in a MR.
-       NOTE: The fix commit just adds an option with the default retaining old 
behaviour: 
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/408#note_2394070
+       NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/408
+       NOTE: Proposed fix adds an option with the default retaining old 
behaviour:
+       NOTE: 
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/408#note_2394070
 CVE-2025-31911 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31909 (Missing Authorization vulnerability in NotFound Apptivo 
Business Site  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22ff9009c878b1a64b90b99ae2b705882743b94c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22ff9009c878b1a64b90b99ae2b705882743b94c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to