Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: dfbcbcb1 by Salvatore Bonaccorso at 2025-12-04T17:17:19+01:00 Add new apache2 issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,18 @@ +CVE-2025-66200 [mod_userdir+suexec bypass via AllowOverride FileInfo] + - apache2 <unfixed> + NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-66200 +CVE-2025-65082 [CGI environment variable override] + - apache2 <unfixed> + NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-65082 +CVE-2025-59775 [NTLM Leakage on Windows through UNC SSRF] + - apache2 <not-affected> (Only affects Apache on Windows) + NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-59775 +CVE-2025-58098 [Server Side Includes adds query string to #exec cmd=...] + - apache2 <unfixed> + NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-58098 +CVE-2025-55753 [mod_md (ACME), unintended retry intervals] + - apache2 <unfixed> + NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-55753 CVE-2025-40215 [xfrm: delete x->tunnel as we delete x] - linux 6.16.3-1 NOTE: https://git.kernel.org/linus/b441cf3f8c4b8576639d20c8eb4aa32917602ecd (6.16) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfbcbcb101bc1f0bdfb7349bdfd919e39181c42e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfbcbcb101bc1f0bdfb7349bdfd919e39181c42e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
