Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f9432085 by Moritz Muehlenhoff at 2025-08-22T13:49:13+02:00
trixie triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3262,6 +3262,7 @@ CVE-2025-0818 (Several WordPress plugins using elFinder
versions 2.1.64 and prio
CVE-2025-8860
[experimental] - qemu 1:10.1.0~rc3+ds-1
- qemu 1:10.0.3+ds-4 (bug #1111030)
+ [trixie] - qemu <no-dsa> (Minor issue)
[bookworm] - qemu <not-affected> (Vulnerable code not present)
[bullseye] - qemu <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2387588
@@ -7488,6 +7489,7 @@ CVE-2025-23286 (NVIDIA GPU Display Driver for Windows and
Linux contains a vulne
- nvidia-graphics-drivers-tesla 525.147.05-6 (bug #1109914)
NOTE: 525.147.05-6 turned the package into a metapackage to aid
switching to nvidia-graphics-drivers
- nvidia-open-gpu-kernel-modules <unfixed> (bug #1109915)
+ [trixie] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not
supported)
[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Non-free not
supported)
[experimental] - nvidia-graphics-drivers-tesla-535 535.261.03-1
- nvidia-graphics-drivers-tesla-535 <unfixed> (bug #1109916)
@@ -7511,9 +7513,9 @@ CVE-2025-23279 (NVIDIA .run Installer for Linux and
Solaris contains a vulnerabi
- nvidia-graphics-drivers-tesla 525.147.05-6 (bug #1109914)
NOTE: 525.147.05-6 turned the package into a metapackage to aid
switching to nvidia-graphics-drivers
- nvidia-open-gpu-kernel-modules <unfixed> (bug #1109915)
+ [trixie] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not
supported)
[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Non-free not
supported)
- [experimental] - nvidia-graphics-drivers-tesla-535 535.261.03-1
- - nvidia-graphics-drivers-tesla-535 <unfixed> (bug #1109916)
+ - nvidia-graphics-drivers-tesla-535 535.261.03-1 (bug #1109916)
[bookworm] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not
supported)
- nvidia-graphics-drivers-tesla-550 <unfixed> (bug #1109917)
CVE-2025-8198 (The MinimogWP \u2013 The High Converting eCommerce WordPress
Theme the ...)
@@ -11470,6 +11472,7 @@ CVE-2025-7465 (A vulnerability classified as critical
was found in Tenda FH1201
NOT-FOR-US: Tenda
CVE-2025-7464 (A vulnerability classified as problematic has been found in
osrg GoBGP ...)
- gobgp <unfixed> (bug #1109300)
+ [trixie] - gobgp <no-dsa> (Minor issue)
[bookworm] - gobgp <no-dsa> (Minor issue)
[bullseye] - gobgp <postponed> (Limited support, follow bookworm
security updates)
NOTE: Fixed by:
https://github.com/osrg/gobgp/commit/e748f43496d74946d14fed85c776452e47b99d64
@@ -14373,6 +14376,7 @@ CVE-2025-1735 (In PHP versions:8.1.* before 8.1.33,
8.2.* before 8.2.29, 8.3.* b
NOTE: Fixed by:
https://github.com/php/php-src/commit/9376aeef9f8ff81f2705b8016237ec3e30bdee44
(php-8.1.33)
CVE-2025-7067 (A vulnerability classified as problematic was found in HDF5
1.14.6. Th ...)
- hdf5 <unfixed> (bug #1108886)
+ [trixie] - hdf5 <no-dsa> (Minor issue)
[bookworm] - hdf5 <no-dsa> (Minor issue)
NOTE: https://github.com/HDFGroup/hdf5/issues/5577
CVE-2025-7066 (Jirafeau normally prevents browser preview for text files due
to the p ...)
@@ -16177,6 +16181,7 @@ CVE-2025-53391 (The Debian zuluPolkit/CMakeLists.txt
file for zuluCrypt through
- zulucrypt <unfixed> (bug #1108288)
CVE-2025-6816 (A vulnerability classified as problematic was found in HDF5
1.14.6. Th ...)
- hdf5 <unfixed> (bug #1108482)
+ [trixie] - hdf5 <no-dsa> (Minor issue)
[bookworm] - hdf5 <no-dsa> (Minor issue)
NOTE: https://github.com/HDFGroup/hdf5/issues/5571
CVE-2025-6778 (A vulnerability, which was classified as problematic, was found
in cod ...)
@@ -16617,6 +16622,7 @@ CVE-2025-6751 (A vulnerability, which was classified as
critical, was found in L
NOT-FOR-US: Linksys
CVE-2025-6750 (A vulnerability, which was classified as problematic, has been
found i ...)
- hdf5 <unfixed> (bug #1108409)
+ [trixie] - hdf5 <no-dsa> (Minor issue)
[bookworm] - hdf5 <no-dsa> (Minor issue)
NOTE: https://github.com/HDFGroup/hdf5/issues/5549
CVE-2025-6749 (A vulnerability classified as critical was found in huija
bicycleShari ...)
@@ -103181,6 +103187,7 @@ CVE-2023-47480 (An issue in Pure Data 0.54-0 and
fixed in 0.54-1 allows a local
NOTE:
https://github.com/pure-data/pure-data/commit/0b5e467b8728b3ed56e1a8ee5b367ce78e7e6e5d
(0.54-1test1)
CVE-2024-8612 (A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and
virtio-c ...)
- qemu <unfixed> (bug #1082406)
+ [trixie] - qemu <no-dsa> (Minor issue)
[bookworm] - qemu <no-dsa> (Minor issue)
[bullseye] - qemu <postponed> (Minor issue; can be fixed in next update)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2313760
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f9432085c4677ac1526eb72ea18d31a63197249a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f9432085c4677ac1526eb72ea18d31a63197249a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
