[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-66567

Salvatore Bonaccorso (@carnil) Wed, 18 Feb 2026 11:55:47 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
09017835 by Salvatore Bonaccorso at 2026-02-18T20:55:09+01:00
Update status for CVE-2025-66567

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30519,7 +30519,9 @@ CVE-2025-66578 (xmlseclibs is a library written in PHP 
for working with XML Encr
 CVE-2025-66568 (The ruby-saml library implements the client side of an SAML 
authorizat ...)
        TODO: check
 CVE-2025-66567 (The ruby-saml library is for implementing the client side of a 
SAML au ...)
-       TODO: check
+       - ruby-saml <not-affected> (Incomplte fix for CVE-2025-25292 not 
applied)
+       NOTE: 
https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-9v8j-x534-2fx3
+       NOTE: Fixed by: 
https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97
 (v1.18.0)
 CVE-2025-66565 (Fiber Utils is a collection of common functions created for 
Fiber. In  ...)
        NOT-FOR-US: Fiber Utils (gofiber)
 CVE-2025-66508 (1Panel is an open-source, web-based control panel for Linux 
server man ...)
@@ -119544,6 +119546,7 @@ CVE-2025-25292 (ruby-saml provides security assertion 
markup language (SAML) sin
        NOTE: 
https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-754f-8gm6-c4r2
        NOTE: 
https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97
 (v1.18.0)
        NOTE: 
https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9
 (v1.12.4)
+       NOTE: When fixing this issue with the v1.12.4 the issue is incompletely 
fixed opening up CVE-2025-66567
 CVE-2025-25291 (ruby-saml provides security assertion markup language (SAML) 
single si ...)
        {DLA-4115-1}
        - ruby-saml <removed> (bug #1100441)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09017835bfecda05286ebd62c709af5b570730c8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09017835bfecda05286ebd62c709af5b570730c8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-66567

Reply via email to