Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6f41a95b by Sylvain Beucler at 2025-11-08T19:47:09+01:00
CVE-2024-51317,CVE-2025-29699,CVE-2025-45663: bullseye postponed
Follow bookworm triage
- - - - -
179b4504 by Sylvain Beucler at 2025-11-08T19:47:28+01:00
CVE-2025-57106,CVE-2025-57107,CVE-2025-57108,CVE-2025-57109/vtk9: bullseye
postponed
Follow bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1752,17 +1752,20 @@ CVE-2025-45663 (An issue in NetSurf v3.11 causes the
application to read uniniti
- netsurf <unfixed> (bug #1119918)
[trixie] - netsurf <no-dsa> (Minor issue)
[bookworm] - netsurf <no-dsa> (Minor issue)
+ [bullseye] - netsurf <postponed> (Minor issue)
NOTE:
https://github.com/Fysac/netsurf-disclosure/tree/main/CVE-2025-45663
NOTE:
https://github.com/netsurf-browser/libdom/commit/9ea069f36e5de5f52d7155a71e2d536eb94de141
CVE-2025-29699 (NetSurf 3.11 is vulnerable to Use After Free in
dom_node_set_text_cont ...)
- netsurf <unfixed> (bug #1119918)
[trixie] - netsurf <no-dsa> (Minor issue)
[bookworm] - netsurf <no-dsa> (Minor issue)
+ [bullseye] - netsurf <postponed> (Minor issue)
NOTE:
https://github.com/Fysac/netsurf-disclosure/tree/main/CVE-2025-29699
CVE-2024-51317 (An issue in NetSurf v.3.11 allows a remote attacker to execute
arbitra ...)
- netsurf <unfixed> (bug #1119918)
[trixie] - netsurf <no-dsa> (Minor issue)
[bookworm] - netsurf <no-dsa> (Minor issue)
+ [bullseye] - netsurf <postponed> (Minor issue)
NOTE:
https://github.com/Fysac/netsurf-disclosure/tree/main/CVE-2024-51317
NOTE:
https://github.com/netsurf-browser/libdom/commit/7d317df204d18f161f0a8ffed958ef60eb2692fe
CVE-2025-62875 [Denial-of-Service via UNIX Domain Socket]
@@ -1986,16 +1989,19 @@ CVE-2025-57108 (Kitware VTK (Visualization Toolkit)
through 9.5.0 contains a hea
- vtk9 <unfixed> (bug #1119823)
[trixie] - vtk9 <no-dsa> (Minor issue)
[bookworm] - vtk9 <no-dsa> (Minor issue)
+ [bullseye] - vtk9 <postponed> (Minor issue)
NOTE: https://gitlab.kitware.com/vtk/vtk/-/issues/19736
CVE-2025-57107 (Kitware VTK (Visualization Toolkit) through 9.5.0 contains a
heap buff ...)
- vtk9 <unfixed> (bug #1119822)
[trixie] - vtk9 <no-dsa> (Minor issue)
[bookworm] - vtk9 <no-dsa> (Minor issue)
+ [bullseye] - vtk9 <postponed> (Minor issue)
NOTE: https://gitlab.kitware.com/vtk/vtk/-/issues/19732
CVE-2025-57106 (Kitware VTK (Visualization Toolkit) up to 9.5.0 is vulnerable
to Buffe ...)
- vtk9 <unfixed> (bug #1119821)
[trixie] - vtk9 <no-dsa> (Minor issue)
[bookworm] - vtk9 <no-dsa> (Minor issue)
+ [bullseye] - vtk9 <postponed> (Minor issue)
NOTE: https://gitlab.kitware.com/vtk/vtk/-/issues/19733
NOTE: https://gitlab.kitware.com/vtk/vtk/-/issues/19734
CVE-2025-54763 (FutureNet MA and IP-K series provided by Century Systems Co.,
Ltd. con ...)
@@ -2359,6 +2365,7 @@ CVE-2025-57109 (Kitware VTK (Visualization Toolkit) 9.5.0
is vulnerable to Heap
- vtk9 <unfixed> (bug #1119824)
[trixie] - vtk9 <no-dsa> (Minor issue)
[bookworm] - vtk9 <no-dsa> (Minor issue)
+ [bullseye] - vtk9 <postponed> (Minor issue)
NOTE: https://gitlab.kitware.com/vtk/vtk/-/issues/19735
CVE-2025-56313 (A Reflected Cross-Site Scripting (XSS) vulnerability was
discovered in ...)
NOT-FOR-US: JATOS
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d22b98666e30e22d777d8dee1be8b56d25b26429...179b4504d505a0e76cdd694823283da0c526de01
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d22b98666e30e22d777d8dee1be8b56d25b26429...179b4504d505a0e76cdd694823283da0c526de01
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
