Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
220d9817 by Moritz Muehlenhoff at 2025-08-23T18:23:14+02:00
bookworm/trixie triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -263,9 +263,9 @@ CVE-2025-29366 (In mupen64plus v2.6.0 there is an array
overflow vulnerability i
NOTE: https://github.com/Giles-one/mupen64plusEscape/tree/main/BUG1
TODO: check details
CVE-2025-29365 (spimsimulator spim v9.1.24 and before is vulnerable to Buffer
Overflow ...)
- - spim <unfixed>
+ - spim <unfixed> (unimportant)
NOTE:
https://github.com/Giles-one/spimsimulatorEscape?tab=readme-ov-file#bug1-out-of-bounds-write-in-read_input-function
- TODO: check details
+ NOTE: Negligible security impact
CVE-2024-56179 (In MindManager Windows versions prior to 24.1.150, attackers
could pot ...)
NOT-FOR-US: MindManager Windows
CVE-2024-53499 (Jeewms v3.7 was discovered to contain a SQL injection
vulnerability vi ...)
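Review bot: The new NOTE on the spim entry for CVE-2025-29365 says only "Negligible security impact" and gives no reason, while the description and the linked report both describe a buffer overflow (an out-of-bounds write in read_input) and the "TODO: check details" line is removed in the same change. Suggest putting the rationale for the (unimportant) tag into the NOTE itself, so the assessment can be checked later without re-deriving it from the upstream report.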
@@ -2990,6 +2990,8 @@ CVE-2025-50817 (A vulnerability in the Python-Future
1.0.0 module allows for arb
NOTE: https://github.com/PythonCharmers/python-future/issues/268
CVE-2025-50518 (A use-after-free vulnerability exists in the
coap_delete_pdu_lkd funct ...)
- libcoap3 <unfixed>
+ [trixie] - libcoap3 <ignored> (Minor issue, no reverse deps in trixie)
+ [bookworm] - libcoap3 <ignored> (Minor issue, no reverse deps in
Bookworm)
NOTE:
https://github.com/IreneTheITCrowd/blog/blob/main/libcoap-vulnerability.md
TODO: check details, coap_delete_pdu_lkd not present in src/coap_pdu.c,
unclear details for upstream
CVE-2025-50515 (An issue was discovered in phome Empirebak 2010 in
ebak2008/upload/cla ...)
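Review bot: The two added libcoap3 lines for CVE-2025-50518 state "Minor issue" as a reason, but the TODO kept directly below still says coap_delete_pdu_lkd is not present in src/coap_pdu.c and that details are unclear for upstream, so the severity part of the reason is not yet backed by the entry. Either resolve or update the TODO alongside this triage, or reduce the reason to the part that is independent of the unclear details ("no reverse deps in ..."). Small style point: the suite name is written "trixie" on one line and "Bookworm" on the other; lower case on both would match the tags.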
@@ -4866,6 +4868,8 @@ CVE-2025-8737 (A vulnerability, which was classified as
problematic, was found i
NOT-FOR-US: zlt2000 microservices-platform
CVE-2025-8736 (A vulnerability, which was classified as critical, has been
found in G ...)
- cflow <unfixed>
+ [trixie] - cflow <no-dsa> (Minor issue)
+ [bookworm] - cflow <no-dsa> (Minor issue)
[bullseye] - cflow <ignored> (Crash in CLI tools)
NOTE: https://lists.gnu.org/archive/html/bug-cflow/2025-07/msg00001.html
CVE-2025-8735 (A vulnerability classified as problematic was found in GNU
cflow up to ...)
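Review bot: The added trixie and bookworm lines for cflow under CVE-2025-8736 give only "(Minor issue)", while the existing bullseye line on the same entry gives the concrete reason "(Crash in CLI tools)" and the description line above calls the issue critical. Reusing the specific reason on the new lines, for example "(Minor issue, crash in CLI tools)", would keep the three suites consistent and explain why the entry gets <no-dsa> despite that classification.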
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/220d98177ed662233ed1b9fb19d8045371e58d9b