Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cc07689c by Thorsten Alteholz at 2026-02-09T17:52:59+01:00
Reserve DLA-4474-1 for rlottie
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -80357,14 +80357,12 @@ CVE-2025-53075 (Improper Input Validation
vulnerability in Samsung Open Source r
- rlottie 0.1+dfsg-4.3 (bug #1109341)
[trixie] - rlottie 0.1+dfsg-4.2+deb13u1
[bookworm] - rlottie 0.1+dfsg-4+deb12u1
- [bullseye] - rlottie <postponed> (Minor issue)
NOTE: https://github.com/Samsung/rlottie/pull/571
NOTE:
https://github.com/Samsung/rlottie/commit/507ea027e47d3e1dc7ddbd9994621215eae7ebb9
CVE-2025-53074 (Out-of-bounds Read vulnerability in Samsung Open Source
rLottie allows ...)
- rlottie 0.1+dfsg-4.3 (bug #1109341)
[trixie] - rlottie 0.1+dfsg-4.2+deb13u1
[bookworm] - rlottie 0.1+dfsg-4+deb12u1
- [bullseye] - rlottie <postponed> (Minor issue)
NOTE: https://github.com/Samsung/rlottie/pull/571
NOTE:
https://github.com/Samsung/rlottie/commit/507ea027e47d3e1dc7ddbd9994621215eae7ebb9
CVE-2025-46014 (Several services in Honor Device Co., Ltd Honor PC Manager
v16.0.0.118 ...)
@@ -80395,7 +80393,6 @@ CVE-2025-0634 (Use After Free vulnerability in Samsung
Open Source rLottie allow
- rlottie 0.1+dfsg-4.3 (bug #1109341)
[trixie] - rlottie 0.1+dfsg-4.2+deb13u1
[bookworm] - rlottie 0.1+dfsg-4+deb12u1
- [bullseye] - rlottie <postponed> (Minor issue)
NOTE: https://github.com/Samsung/rlottie/pull/571
NOTE:
https://github.com/Samsung/rlottie/commit/507ea027e47d3e1dc7ddbd9994621215eae7ebb9
CVE-2015-20112 (RLPx 5 has two CTR streams based on the same key, IV, and
nonce. This ...)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[09 Feb 2026] DLA-4474-1 rlottie - security update
+ {CVE-2025-0634 CVE-2025-53074 CVE-2025-53075}
+ [bullseye] - rlottie 0.1+dfsg-2+deb11u1
[08 Feb 2026] DLA-4473-1 zabbix - security update
{CVE-2025-27234}
[bullseye] - zabbix 1:5.0.47+dfsg-0+deb11u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc07689c5253b1326744e95193bc0322ebddb1b9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc07689c5253b1326744e95193bc0322ebddb1b9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
