Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f08ff230 by Salvatore Bonaccorso at 2025-10-10T07:55:13+02:00
Add CVE-2025-61672/matrix-synapse
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -223,7 +223,11 @@ CVE-2025-61906 (Opencast is a free, open-source platform
to support the manageme
CVE-2025-61788 (Opencast is a free, open-source platform to support the
management of ...)
NOT-FOR-US: Opencast
CVE-2025-61672 (Synapse is an open source Matrix homeserver implementation.
Lack of va ...)
- TODO: check
+ - matrix-synapse <unfixed>
+ NOTE:
https://github.com/element-hq/synapse/security/advisories/GHSA-fh66-fcv5-jjfr
+ NOTE: https://github.com/element-hq/synapse/pull/17097
+ NOTE:
https://github.com/element-hq/synapse/commit/26aaaf9e48fff80cf67a20c691c75d670034b3c1
(v1.139.1)
+ NOTE:
https://github.com/element-hq/synapse/commit/7069636c2d6d1ef2022287addf3ed8b919ef2740
(v1.138.3)
CVE-2025-61524 (An issue in the permission verification module and
organization/applic ...)
NOT-FOR-US: Casdoor
CVE-2025-61183 (Cross Site Scripting in vaahcms v.2.3.1 allows a remote
attacker to ex ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f08ff2307885000b4acf1473e5f120cce24f68ae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f08ff2307885000b4acf1473e5f120cce24f68ae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
