Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
30f25fa1 by Salvatore Bonaccorso at 2025-09-28T19:13:07+02:00
Track fixed versionfor two log4cxx issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13120,14 +13120,14 @@ CVE-2025-55454 (An authenticated arbitrary file
upload vulnerability in the comp
CVE-2025-55398 (An issue was discovered in mouse07410 asn1c thru 0.9.29
(2025-03-20) - ...)
NOT-FOR-US: mouse07410 asn1c
CVE-2025-54813 (Improper Output Neutralization for Logs vulnerability in
Apache Log4cx ...)
- - log4cxx <unfixed> (bug #1111881)
+ - log4cxx 1.4.0-1.1 (bug #1111881)
[trixie] - log4cxx <no-dsa> (Minor issue)
[bookworm] - log4cxx <no-dsa> (Minor issue)
NOTE: https://logging.apache.org/security.html#CVE-2025-54813
NOTE: https://github.com/apache/logging-log4cxx/pull/512
NOTE: Fixed by:
https://github.com/apache/logging-log4cxx/commit/a799c934545311ff4179c68e16bbeb02b5c66348
(rel/v1.5.0, v1.5.0-RC1)
CVE-2025-54812 (Improper Output Neutralization for Logs vulnerability in
Apache Log4cx ...)
- - log4cxx <unfixed> (bug #1111879)
+ - log4cxx 1.4.0-1.1 (bug #1111879)
[trixie] - log4cxx <no-dsa> (Minor issue)
[bookworm] - log4cxx <no-dsa> (Minor issue)
NOTE: https://logging.apache.org/security.html#CVE-2025-54812
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30f25fa1de8e7fa1e683e18462faf6f7b0c5c65b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30f25fa1de8e7fa1e683e18462faf6f7b0c5c65b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
