[Git][security-tracker-team/security-tracker][master] Demote two libmicrohttpd issues to unimportant

Mon, 10 Nov 2025 08:56:42 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6648f2c2 by Salvatore Bonaccorso at 2025-11-10T17:55:41+01:00
Demote two libmicrohttpd issues to unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,11 +7,13 @@ CVE-2025-XXXX [GHSA-q428-6v73-fc4q]
        NOTE: 
https://github.com/trifectatechfoundation/sudo-rs/security/advisories/GHSA-q428-6v73-fc4q
        NOTE: Fixed by: 
https://github.com/trifectatechfoundation/sudo-rs/commit/0e3d3837aec3ee9fb5dcb8bfe11e8adb367f58f4
 (v0.2.10)
 CVE-2025-62689 (NULL pointer dereference vulnerability exists in GNU 
libmicrohttpd v1. ...)
-       - libmicrohttpd <unfixed>
+       - libmicrohttpd <unfixed> (unimportant)
        NOTE: Fixed by: 
https://git.gnunet.org/libmicrohttpd.git/commit/?id=ff13abc1c1d7d2b30d69d5c0bd4a237e1801c50b
+       NOTE: Vulnerable code only compiled when HAVE_EXPERIMENTAL flag is set
 CVE-2025-59777 (NULL pointer dereference vulnerability exists in GNU 
libmicrohttpd v1. ...)
-       - libmicrohttpd <unfixed>
+       - libmicrohttpd <unfixed> (unimportant)
        NOTE: Fixed by: 
https://git.gnunet.org/libmicrohttpd.git/commit/?id=ff13abc1c1d7d2b30d69d5c0bd4a237e1801c50b
+       NOTE: Vulnerable code only compiled when HAVE_EXPERIMENTAL flag is set
 CVE-2025-41731 (A vulnerability was identified in the password generation 
algorithm wh ...)
        NOT-FOR-US: Jumo
 CVE-2025-12933 (A vulnerability was identified in SourceCodester Baby Care 
System 1.0. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6648f2c24087abe869115d5f6706d24aecca4d1b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6648f2c24087abe869115d5f6706d24aecca4d1b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to