[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Update code-projects rule to catch as well site subproducts
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 3 22:01:19 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8b507f8d by Salvatore Bonaccorso at 2025-04-03T23:00:15+02:00
auto-nfu: Update code-projects rule to catch as well site subproducts
- - - - -
ca23cf77 by Salvatore Bonaccorso at 2025-04-03T23:00:59+02:00
Update note for CVE-2025-29369
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -213,7 +213,7 @@ CVE-2025-29504 (Insecure Permission vulnerability in student-manage 1 allows a l
CVE-2025-29462 (A buffer overflow vulnerability has been discovered in Tenda Ac15 V15. ...)
NOT-FOR-US: Tenda
CVE-2025-29369 (Code-Projects Matrimonial Site V1.0 is vulnerable to SQL Injection in ...)
- NOT-FOR-US: Code-Projects Site
+ NOT-FOR-US: code-projects
CVE-2025-29064 (An issue in TOTOLINK x18 v.9.1.0cu.2024_B20220329 allows a remote atta ...)
NOT-FOR-US: TOTOLINK
CVE-2025-26818 (Netwrix Password Secure through 9.2 allows command injection.)
=====================================
data/packages/nfu.yaml
=====================================
@@ -182,7 +182,7 @@
- product: Microsoft Partner Center
# Description based rules
- reason: code-projects
- description: '.*\b(?i:code-projects)\s.*\s(?i:system)\b.*'
+ description: '.*\b(?i:code-projects)\s.*\s(?i:(site|system))\b.*'
- reason: Codezips
description: '.*\b(?i:codezips)\s.*\s(?i:(system|website))\b.*'
- reason: D-Link
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/40018bcae75c3648c81e1d142c8aaadfbd9a488f...ca23cf77cb69ab560b086526841059bc4d6eae7b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/40018bcae75c3648c81e1d142c8aaadfbd9a488f...ca23cf77cb69ab560b086526841059bc4d6eae7b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250403/da1c2fb2/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list