bookworm triage

Moritz Muehlenhoff (@jmm) Thu, 21 Aug 2025 08:23:32 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
45dd9a41 by Moritz Muehlenhoff at 2025-08-21T17:22:45+02:00
trixie/bookworm triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -730,7 +730,8 @@ CVE-2025-9165 (A flaw has been found in LibTIFF 4.7.0. This 
affects the function
        NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/747
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/ed141286a37f6e5ddafb5069347ff5d587e7a4e0
 CVE-2025-9157 (A vulnerability was determined in appneta tcpreplay up to 
4.5.2-beta2. ...)
-       - tcpreplay <unfixed>
+       - tcpreplay <unfixed> (unimportant)
+       NOTE: Crash in CLI tool, no security impact
        NOTE: https://github.com/appneta/tcpreplay/issues/970
        NOTE: 
https://github.com/appneta/tcpreplay/commit/73008f261f1cdf7a1087dc8759115242696d35da
 CVE-2025-9156 (A vulnerability was found in itsourcecode Sports Management 
System 1.0 ...)
@@ -1182,6 +1183,8 @@ CVE-2025-38553 (In the Linux kernel, the following 
vulnerability has been resolv
        NOTE: 
https://git.kernel.org/linus/ec8e0e3d7adef940cdf9475e2352c0680189d14e (6.17-rc1)
 CVE-2025-53192 (** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of 
Expression/ ...)
        - ognl <unfixed> (bug #1111588)
+       [trixie] - ognl <no-dsa> (Minor issue)
+       [bookworm] - ognl <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2025/08/18/4
        NOTE: https://lists.apache.org/thread/2gj8tjl6vz949nnp3yxz3okm9xz2k7sp
 CVE-2025-7693 (A security issue exists due to improper handling of malformed 
CIP Forw ...)
@@ -2545,6 +2548,8 @@ CVE-2025-55198 (Helm is a package manager for Charts for 
Kubernetes. Prior to ve
        - helm-kubernetes <itp> (bug #910799)
 CVE-2025-55197 (pypdf is a free and open-source pure-python PDF library. Prior 
to vers ...)
        - pypdf <unfixed> (bug #1111139)
+       [trixie] - pypdf <no-dsa> (Minor issue)
+       [bookworm] - pypdf <no-dsa> (Minor issue)
        - pypdf2 <removed>
        NOTE: 
https://github.com/py-pdf/pypdf/security/advisories/GHSA-7hfw-26vp-jp8m
        NOTE: https://github.com/py-pdf/pypdf/issues/3429


=====================================
data/dsa-needed.txt
=====================================
@@ -61,6 +61,8 @@ php-laravel-framework/oldstable
 python-django/oldstable
   Chris is working on it
 --
+qemu (jmm)
+--
 ruby-rack/oldstable
 --
 ruby-saml/oldstable
@@ -68,8 +70,7 @@ ruby-saml/oldstable
 --
 sogo/oldstable
 --
-squid/oldstable
-  Bastien Roucariès proposed to work on squid updates for bookworm
+squid/oldstable (jmm)
 --
 sympa/oldstable
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45dd9a410a37e065009ef40375504cbdedc4dcb9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45dd9a410a37e065009ef40375504cbdedc4dcb9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage

Reply via email to