Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a5de9067 by Moritz Muehlenhoff at 2025-12-18T09:38:48+01:00
auto-nfu: Add rule for ChurchCRM
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -18,13 +18,13 @@ CVE-2025-68432 (Zed, a code editor, has an aribtrary code
execution vulnerabilit
CVE-2025-68429 (Storybook is a frontend workshop for building user interface
component ...)
TODO: check
CVE-2025-68401 (ChurchCRM is an open-source church management system. Prior to
version ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68400 (ChurchCRM is an open-source church management system. A SQL
Injection ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68399 (ChurchCRM is an open-source church management system. In
versions prio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68275 (ChurchCRM is an open-source church management system. Versions
prior t ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68147 (Open Source Point of Sale (opensourcepos) is a web based point
of sale ...)
TODO: check
CVE-2025-68145 (In mcp-server-git versions prior to 2025.12.17, when the
server is sta ...)
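Review bot: the four "NOT-FOR-US: ChurchCRM" lines in this hunk (CVE-2025-68401, CVE-2025-68400, CVE-2025-68399, CVE-2025-68275) assert that ChurchCRM is not in Debian, but the commit does not record how that was checked. A line in the commit message stating that no source package or ITP/RFP exists for ChurchCRM would let a later reader confirm that these entries were closed on that basis and not only because the new pattern matched.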
@@ -40,19 +40,19 @@ CVE-2025-68118 (FreeRDP is a free implementation of the
Remote Desktop Protocol.
CVE-2025-68114 (Capstone is a disassembly framework. In versions 6.0.0-Alpha5
and prio ...)
TODO: check
CVE-2025-68112 (ChurchCRM is an open-source church management system. In
versions prio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68111 (ChurchCRM is an open-source church management system. In
versions prio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68110 (ChurchCRM is an open-source church management system. Versions
prior t ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68109 (ChurchCRM is an open-source church management system. In
versions prio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-67877 (ChurchCRM is an open-source church management system. Versions
prior t ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-67876 (ChurchCRM is an open-source church management system. A stored
cross-s ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-67875 (ChurchCRM is an open-source church management system. A
privilege esca ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-67873 (Capstone is a disassembly framework. In versions 6.0.0-Alpha5
and prio ...)
TODO: check
CVE-2025-67794 (An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2
before ...)
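Review bot: the seven replacements in this hunk (CVE-2025-68112, CVE-2025-68111, CVE-2025-68110, CVE-2025-68109, CVE-2025-67877, CVE-2025-67876, CVE-2025-67875), together with the four in the previous hunk, are not mentioned in the commit subject "auto-nfu: Add rule for ChurchCRM", which describes only the nfu.yaml change. A body line saying that the rule was applied to the existing "TODO: check" entries would make the triage history easier to audit.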
=====================================
data/packages/nfu.yaml
=====================================
@@ -633,6 +633,8 @@
description: '.*\b(?i:Code\s?Astro)\s.*\s(?i:(system))\b.*'
- reason: Campcodes
description: '.*\b(?i:campcodes)\s.*\s(?i:(system|portal))\b.*'
+- reason: ChurchCRM
+ description: '.*\b(?i:ChurchCRM)\b.*'
- reason: code-projects
description:
'.*\b(?i:(code-projects|codeprojects))\s.*\s(?i:(forum|gallery|sharing|site|store|system|submission))\b.*'
- reason: CODESYS
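Review bot: the added description pattern '.*\b(?i:ChurchCRM)\b.*' matches the name anywhere in a CVE description, while the neighbouring Campcodes and code-projects rules also require a product noun such as "system" after the vendor name. Every ChurchCRM description visible in this commit begins with "ChurchCRM is an open-source church management system", so anchoring the rule on that opening phrase would cover the same entries and avoid auto-marking a CVE for a packaged component whose description only mentions ChurchCRM in passing.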
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5de9067579ed318ded54b9424455bc42dfe81e9