[Git][security-tracker-team/security-tracker][master] bookworm triage

Mon, 02 Jun 2025 08:40:42 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4028dbfa by Moritz Muehlenhoff at 2025-06-02T17:33:19+02:00
bookworm triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -18308,6 +18308,7 @@ CVE-2025-32052 (A flaw was found in libsoup. A 
vulnerability in the sniff_unknow
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/libsoup/-/commit/f182429e5b1fc034050510da20c93256c4fa9652
 (3.6.1)
 CVE-2025-32051 (A flaw was found in libsoup. The libsoup 
soup_uri_decode_data_uri() fu ...)
        - libsoup3 3.6.1-1
+       [bookworm] - libsoup3 <no-dsa> (Minor issue)
        - libsoup2.4 <not-affected> (Vulnerable code introduced later, cf 
#1102213)
        NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/401
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/libsoup/-/commit/0713ba4a719da938dc8facc89fca99cd0aa3069f
 (3.6.1)
@@ -18601,6 +18602,7 @@ CVE-2025-2874 (The User Submitted Posts \u2013 Enable 
Users to Submit Posts from
 CVE-2025-2784 (A flaw was found in libsoup. The package is vulnerable to a 
heap buffe ...)
        {DLA-4140-1}
        - libsoup3 3.6.5-1
+       [bookworm] - libsoup3 <no-dsa> (Minor issue)
        - libsoup2.4 2.74.3-10 (bug #1102208)
        [bookworm] - libsoup2.4 <no-dsa> (Minor issue)
        NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/422
@@ -18610,6 +18612,7 @@ CVE-2025-2784 (A flaw was found in libsoup. The package 
is vulnerable to a heap
 CVE-2025-32053 (A flaw was found in libsoup. A vulnerability in 
sniff_feed_or_html() a ...)
        {DLA-4140-1}
        - libsoup3 3.6.1-1
+       [bookworm] - libsoup3 <no-dsa> (Minor issue)
        - libsoup2.4 2.74.3-10 (bug #1102215)
        [bookworm] - libsoup2.4 <no-dsa> (Minor issue)
        NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/426


=====================================
data/dsa-needed.txt
=====================================
@@ -57,7 +57,7 @@ python-tornado
 --
 ring
 --
-roundcube
+roundcube (jmm)
 --
 ruby-rack
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4028dbfac7a292152c7ae4b5d10c2d7bf7a9ca07

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4028dbfac7a292152c7ae4b5d10c2d7bf7a9ca07
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to