Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
62c4f6b0 by Salvatore Bonaccorso at 2025-08-23T10:35:07+02:00
Add Debian bug references for log4cxx issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -205,12 +205,12 @@ CVE-2025-55454 (An authenticated arbitrary file upload
vulnerability in the comp
CVE-2025-55398 (An issue was discovered in mouse07410 asn1c thru 0.9.29
(2025-03-20) - ...)
NOT-FOR-US: mouse07410 asn1c
CVE-2025-54813 (Improper Output Neutralization for Logs vulnerability in
Apache Log4cx ...)
- - log4cxx <unfixed>
+ - log4cxx <unfixed> (bug #1111881)
NOTE: https://logging.apache.org/security.html#CVE-2025-54813
NOTE: https://github.com/apache/logging-log4cxx/pull/512
NOTE: Fixed by:
https://github.com/apache/logging-log4cxx/commit/a799c934545311ff4179c68e16bbeb02b5c66348
(rel/v1.5.0, v1.5.0-RC1)
CVE-2025-54812 (Improper Output Neutralization for Logs vulnerability in
Apache Log4cx ...)
- - log4cxx <unfixed>
+ - log4cxx <unfixed> (bug #1111879)
NOTE: https://logging.apache.org/security.html#CVE-2025-54812
NOTE: https://github.com/apache/logging-log4cxx/pull/509
NOTE:
https://github.com/apache/logging-log4cxx/commit/1c599de956ae9eedd8b5e3f744bfb867c39e8bba
(rel/v1.5.0, rv1.5.0-RC1)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62c4f6b0816ecbe3d52c2af17a8e1836d5a27a26
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62c4f6b0816ecbe3d52c2af17a8e1836d5a27a26
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
