Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4537e9bd by Salvatore Bonaccorso at 2025-12-01T22:09:03+01:00
Add CVE-2025-13837/python
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -115,7 +115,15 @@ CVE-2025-23417 (A denial of service vulnerability exists
in the Modbus RTU over
CVE-2025-20085 (A denial of service vulnerability exists in the Modbus RTU
over TCP fu ...)
TODO: check
CVE-2025-13837 (When loading a plist file, the plistlib module reads data in
size spec ...)
- TODO: check
+ - python3.14 <unfixed>
+ - python3.13 <unfixed>
+ - python3.11 <removed>
+ - python3.9 <removed>
+ NOTE: https://github.com/python/cpython/issues/119342
+ NOTE: https://github.com/python/cpython/pull/119343
+ NOTE:
https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70
(main)
+ NOTE:
https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb
(3.14 branch)
+ NOTE:
https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba
(3.13 branch)
CVE-2025-13836 (When reading an HTTP response from a server, if no read amount
is spec ...)
- python3.14 <unfixed>
- python3.13 <unfixed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4537e9bd8e53f643def34826661f8697999d3452
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4537e9bd8e53f643def34826661f8697999d3452
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
