Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
aa2f37cb by Moritz Muehlenhoff at 2025-08-19T21:40:44+02:00
trixie triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9872,6 +9872,7 @@ CVE-2025-3621 (Vulnerabilities* in ActADUR local server
product, developed and m
NOT-FOR-US: ActADUR
CVE-2025-53643 (AIOHTTP is an asynchronous HTTP client/server framework for
asyncio an ...)
- python-aiohttp <unfixed> (bug #1109336)
+ [trixie] - python-aiohttp <no-dsa> (Minor issue)
[bookworm] - python-aiohttp <no-dsa> (Minor issue)
[bullseye] - python-aiohttp <postponed> (Minor issue; request smuggling)
NOTE:
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-9548-qrrj-x5pj
@@ -65797,18 +65798,21 @@ CVE-2024-55195 (An allocation-size-too-big bug in the
component /imagebuf.cpp of
NOTE:
https://github.com/AcademySoftwareFoundation/OpenImageIO/commit/f72b3d73d1157c0d25d07b8a1cdb00857788d685
(v2.5.18.0)
CVE-2024-55194 (OpenImageIO v3.1.0.0dev was discovered to contain a heap
overflow via ...)
- openimageio <unfixed> (bug #1094410)
+ [trixie] - openimageio <no-dsa> (Minor issue)
[bookworm] - openimageio <no-dsa> (Minor issue)
[bullseye] - openimageio <ignored> (Minor issue)
NOTE:
https://github.com/AcademySoftwareFoundation/OpenImageIO/issues/4552
NOTE:
https://github.com/AcademySoftwareFoundation/OpenImageIO/commit/34b29f33217e58b7f0d42c059ecf1696c381322a
CVE-2024-55193 (OpenImageIO v3.1.0.0dev was discovered to contain a
segmentation viola ...)
- openimageio <unfixed> (bug #1094411)
+ [trixie] - openimageio <no-dsa> (Minor issue)
[bookworm] - openimageio <no-dsa> (Minor issue)
[bullseye] - openimageio <ignored> (Minor issue)
NOTE:
https://github.com/AcademySoftwareFoundation/OpenImageIO/issues/4551
NOTE:
https://github.com/AcademySoftwareFoundation/OpenImageIO/commit/d2077eb22a821d0ef7614d06cc1540b952d37ddf
CVE-2024-55192 (OpenImageIO v3.1.0.0dev was discovered to contain a heap
overflow via ...)
- openimageio <unfixed> (bug #1094398)
+ [trixie] - openimageio <no-dsa> (Minor issue)
[bookworm] - openimageio <no-dsa> (Minor issue)
[bullseye] - openimageio <ignored> (Minor issue)
NOTE:
https://github.com/AcademySoftwareFoundation/OpenImageIO/issues/4550
@@ -75785,6 +75789,7 @@ CVE-2024-8992 (Some Honor products are affected by
information leak vulnerabilit
NOT-FOR-US: Honor
CVE-2024-56433 (shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a
default /et ...)
- shadow <unfixed> (bug #1103832)
+ [trixie] - shadow <no-dsa> (Minor issue)
[bookworm] - shadow <no-dsa> (Minor issue)
[bullseye] - shadow <postponed> (Minor issue, disputed, no upstream
patch)
NOTE: https://github.com/shadow-maint/shadow/issues/1157
@@ -293818,6 +293823,7 @@ CVE-2022-1589 (The Change wp-admin login WordPress
plugin before 1.1.0 does not
NOT-FOR-US: WordPress plugin
CVE-2022-30292 (Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2
due to lac ...)
- squirrel3 3.1-8.2 (bug #1014539)
+ [trixie] - squirrel3 <no-dsa> (Minor issue)
[bullseye] - squirrel3 <no-dsa> (Minor issue)
[buster] - squirrel3 <no-dsa> (Minor issue)
[stretch] - squirrel3 <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa2f37cbdee252127222520c023dd86429fc5d64
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa2f37cbdee252127222520c023dd86429fc5d64
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
