bookworm triage

Moritz Muehlenhoff (@jmm) Mon, 11 Aug 2025 01:33:23 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3ee8e2ce by Moritz Muehlenhoff at 2025-08-11T10:32:08+02:00
trixie/bookworm triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -628,6 +628,8 @@ CVE-2025-54799 (Let's Encrypt client and ACME library 
written in Go (Lego). In v
        NOTE: Workaround: CA endpoint should enforce HTTPS instead of HTTP.
 CVE-2025-54798 (tmp is a temporary file and directory creator for node.js. In 
versions ...)
        - node-tmp <unfixed> (bug #1110532)
+       [trixie] - node-tmp <no-dsa> (Minor issue)
+       [bookworm] - node-tmp <no-dsa> (Minor issue)
        NOTE: 
https://github.com/raszi/node-tmp/security/advisories/GHSA-52f5-9888-hmc6
        NOTE: https://github.com/raszi/node-tmp/issues/207
        NOTE: 
https://github.com/raszi/node-tmp/commit/188b25e529496e37adaf1a1d9dccb40019a08b1b
 (v0.2.4)
@@ -669,6 +671,8 @@ CVE-2025-46659 (An issue was discovered in ExonautWeb in 4C 
Strategies Exonaut 2
        NOT-FOR-US: 4C Strategies
 CVE-2025-3770 (EDK2 contains a vulnerability in BIOS where an attacker may 
cause \u20 ...)
        - edk2 <unfixed> (bug #1110533)
+       [trixie] - edk2 <no-dsa> (Minor issue)
+       [bookworm] - edk2 <no-dsa> (Minor issue)
        [bullseye] - edk2 <postponed> (minor; likely a concern only on real 
hardware; used on S3 handling on qemu)
        NOTE: 
https://github.com/tianocore/edk2/security/advisories/GHSA-vx5v-4gg6-6qxr
        NOTE: only arch: amd64, other arch (particularly i386) are not affected
@@ -5732,6 +5736,8 @@ CVE-2025-7397 (A vulnerability in the ascgshell, of  
Brocade ASCG before 3.3.0 s
        NOT-FOR-US: Brocade
 CVE-2025-7339 (on-headers is a node.js middleware for listening to when a 
response wr ...)
        - node-on-headers 1.0.2-4 (bug #1109525)
+       [trixie] - node-on-headers <no-dsa> (Minor issue)
+       [bookworm] - node-on-headers <no-dsa> (Minor issue)
        [bullseye] - node-on-headers <postponed> (Minor issue)
        NOTE: 
https://github.com/jshttp/on-headers/security/advisories/GHSA-76c9-3jph-rj3q
        NOTE: https://github.com/jshttp/on-headers/issues/15



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ee8e2cecf102e02d35856f6481e1d285924c4a8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ee8e2cecf102e02d35856f6481e1d285924c4a8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage

Reply via email to