Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7799bc48 by Salvatore Bonaccorso at 2025-05-06T22:28:09+02:00
Add CVE-2025-47256/libxmp
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57,7 +57,10 @@ CVE-2025-4041 (In Optigo Networks ONS NC600 versions
4.2.1-084 through 4.7.2-330
CVE-2025-47417 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
NOT-FOR-US: Crestron Automate VX
CVE-2025-47256 (Libxmp through 4.6.2 has a stack-based buffer overflow in
depack_pha i ...)
- TODO: check
+ - libxmp <unfixed>
+ NOTE: https://github.com/libxmp/libxmp/issues/847
+ NOTE: https://github.com/libxmp/libxmp/pull/848
+ NOTE: Fixed by:
https://github.com/libxmp/libxmp/commit/004a102c5a75ad809fc309ff73ce8d0f9ab3e456
CVE-2025-46820 (phpgt/Dom provides access to modern DOM APIs. Versions of
phpgt/Dom pr ...)
TODO: check
CVE-2025-46816 (goshs is a SimpleHTTPServer written in Go. Starting in version
0.3.4 a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7799bc48638877c2e259eb170d9176e30dd3ad61
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7799bc48638877c2e259eb170d9176e30dd3ad61
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
