[Git][security-tracker-team/security-tracker][master] Add CVE-2025-6772{4,5,6}/Tornado

Fri, 12 Dec 2025 00:49:49 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c134f182 by Salvatore Bonaccorso at 2025-12-12T09:49:09+01:00
Add CVE-2025-6772{4,5,6}/Tornado

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,11 +13,17 @@ CVE-2025-67728 (Fireshare facilitates self-hosted media and 
link sharing. Versio
 CVE-2025-67727 (Parse Server is an open source backend that can be deployed to 
any inf ...)
        NOT-FOR-US: Parse Server
 CVE-2025-67726 (Tornado is a Python web framework and asynchronous networking 
library. ...)
-       TODO: check
+       - python-tornado <unfixed>
+       NOTE: 
https://github.com/tornadoweb/tornado/security/advisories/GHSA-jhmp-mqwm-3gq8
+       NOTE: Fixed by: 
https://github.com/tornadoweb/tornado/commit/771472cfdaeebc0d89a9cc46e249f8891a6b29cd
 (v6.5.3)
 CVE-2025-67725 (Tornado is a Python web framework and asynchronous networking 
library. ...)
-       TODO: check
+       - python-tornado <unfixed>
+       NOTE: 
https://github.com/tornadoweb/tornado/security/advisories/GHSA-c98p-7wgm-6p64
+       NOTE: Fixed by: 
https://github.com/tornadoweb/tornado/commit/771472cfdaeebc0d89a9cc46e249f8891a6b29cd
 (v6.5.3)
 CVE-2025-67724 (Tornado is a Python web framework and asynchronous networking 
library. ...)
-       TODO: check
+       - python-tornado <unfixed>
+       NOTE: 
https://github.com/tornadoweb/tornado/security/advisories/GHSA-pr2v-jx2c-wg9f
+       NOTE: Fixed by: 
https://github.com/tornadoweb/tornado/commit/9c163aebeaad9e6e7d28bac1f33580eb00b0e421
 (v6.5.3)
 CVE-2025-67508 (gardenctl is a command-line client for the Gardener which 
configures a ...)
        NOT-FOR-US: Gardener
 CVE-2025-66590 (In AzeoTech DAQFactory release 20.7 (Build 2555), an 
Out-of-bounds Wri ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c134f182d3824529e1b3326c27667e201fcd4dad

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c134f182d3824529e1b3326c27667e201fcd4dad
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to