Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8ce57214 by Moritz Muehlenhoff at 2025-11-14T18:02:40+01:00
bookworm/trixie triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -151,6 +151,7 @@ CVE-2025-64369 (Missing Authorization vulnerability in
codepeople Contact Form E
NOT-FOR-US: WordPress plugin or theme
CVE-2025-64345 (Wasmtime is a runtime for WebAssembly. Prior to version
38.0.4, 37.0.3 ...)
- rust-wasmtime <unfixed>
+ [trixie] - rust-wasmtime <no-dsa> (Minor issue)
NOTE:
https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hc7m-r6v8-hg9q
NOTE: Fixed by:
https://github.com/bytecodealliance/wasmtime/commit/9ebb6934f00d58b92fb68ed0e0b16c0ae828ca10
(v38.0.4)
CVE-2025-64292 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -189,6 +190,8 @@ CVE-2025-63406 (An issue in Intermesh BV GroupOffice
vulnerable before v.25.0.47
NOT-FOR-US: Intermesh BV GroupOffice
CVE-2025-63396 (An issue was discovered in PyTorch v2.5 and v2.7.1. Omission
of profil ...)
- pytorch <unfixed>
+ [trixie] - pytorch <no-dsa> (Minor issue)
+ [bookworm] - pytorch <no-dsa> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/156563
CVE-2025-62484 (Inefficient regular expression complexity in certain Zoom
Workplace Cl ...)
NOT-FOR-US: Zoom
@@ -695,14 +698,20 @@ CVE-2025-59088 (If kdcproxy receives a request for a
realm which does not have s
NOTE: https://github.com/latchset/kdcproxy/pull/68
CVE-2025-64503 (cups-filters contains backends, filters, and other software
required t ...)
- libcupsfilters <unfixed>
+ [trixie] - libcupsfilters <no-dsa> (Minor issue)
- cups-filters <unfixed>
+ [trixie] - cups-filters <no-dsa> (Minor issue)
+ [bookworm] - cups-filters <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2025/11/12/2
NOTE:
https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-893j-2wr2-wrh9
NOTE: Fixed by:
https://github.com/OpenPrinting/cups-filters/commit/50d94ca0f2fa6177613c97c59791bde568631865
NOTE: Fixed by:
https://github.com/OpenPrinting/libcupsfilters/commit/fd01543f372ca3ba1f1c27bd3427110fa0094e3f
CVE-2025-57812 (CUPS is a standards-based, open-source printing system, and
`libcupsfi ...)
- libcupsfilters <unfixed>
+ [trixie] - libcupsfilters <no-dsa> (Minor issue)
- cups-filters <unfixed>
+ [trixie] - cups-filters <no-dsa> (Minor issue)
+ [bookworm] - cups-filters <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2025/11/12/1
NOTE:
https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-jpxg-qc2c-hgv4
NOTE:
https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-rc6w-jmvv-v7gx
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ce5721423510144211af73e8d9005eff341d80f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ce5721423510144211af73e8d9005eff341d80f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
