Markus Koschany pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f75a4b4f by Markus Koschany at 2026-01-28T05:28:58+01:00
CVE-2025-61795,CVE-2025-48989,tomcat10: fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35165,7 +35165,7 @@ CVE-2025-62253 (Open redirect vulnerability in page
administration in Liferay Po
NOT-FOR-US: Liferay
CVE-2025-61795 (Improper Resource Shutdown or Release vulnerability in Apache
Tomcat. ...)
- tomcat11 <unfixed> (bug #1119293)
- - tomcat10 <unfixed> (bug #1119294)
+ - tomcat10 10.1.52-1 (bug #1119294)
- tomcat9 9.0.70-2
NOTE: Starting with 9.0.70-2 src:tomcat9 no longer ships the server
stack, using that as the fixed version
NOTE:
https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06
(11.0.12)
@@ -62868,7 +62868,7 @@ CVE-2025-50251 (Server side request forgery (SSRF)
vulnerability in makeplane pl
NOT-FOR-US: makeplane plane
CVE-2025-48989 (Improper Resource Shutdown or Release vulnerability in Apache
Tomcat m ...)
- tomcat11 11.0.11-1 (bug #1111097)
- - tomcat10 <unfixed> (bug #1111096)
+ - tomcat10 10.1.52-1 (bug #1111096)
- tomcat9 9.0.70-2
NOTE: Starting with 9.0.70-2 src:tomcat9 no longer ships the server
stack, using that as the fixed version
NOTE:
https://github.com/apache/tomcat/commit/f362c8eb3b8ec5b7f312f7f5610731c0fb299a06
(11.0.10)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f75a4b4f307a1f22619d89b04b01478b6b577afc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f75a4b4f307a1f22619d89b04b01478b6b577afc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
