[Git][security-tracker-team/security-tracker][master] 2 commits: Process two NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 4 14:15:34 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
28cc1de9 by Salvatore Bonaccorso at 2025-04-04T15:15:20+02:00
Process two NFUs

- - - - -
76f86226 by Salvatore Bonaccorso at 2025-04-04T15:15:22+02:00
Add one new assimp issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,9 +31,9 @@ CVE-2025-3204 (A vulnerability, which was classified as critical, has been found
 CVE-2025-3203 (A vulnerability classified as problematic was found in Tenda W18E 16.0 ...)
 	NOT-FOR-US: Tenda
 CVE-2025-3202 (A vulnerability classified as critical has been found in ageerle ruoyi ...)
-	TODO: check
+	NOT-FOR-US: ageerle ruoyi-ai
 CVE-2025-3199 (A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classifi ...)
-	TODO: check
+	NOT-FOR-US: ageerle ruoyi-ai
 CVE-2025-3198 (A vulnerability has been found in GNU Binutils 2.43/2.44 and classifie ...)
 	- binutils <unfixed> (unimportant)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=32716
@@ -42,7 +42,9 @@ CVE-2025-3198 (A vulnerability has been found in GNU Binutils 2.43/2.44 and clas
 CVE-2025-3197 (Versions of the package expand-object from 0.0.0 are vulnerable to Pro ...)
 	TODO: check
 CVE-2025-3196 (A vulnerability, which was classified as critical, was found in Open A ...)
-	TODO: check
+	- assimp <unfixed>
+	NOTE: https://github.com/assimp/assimp/issues/6069
+	TODO: fixed upstream in master, need to identify upstream commit
 CVE-2025-3195 (A vulnerability, which was classified as critical, has been found in i ...)
 	TODO: check
 CVE-2025-3194 (Versions of the package bigint-buffer from 0.0.0 are vulnerable to Buf ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/dcb266ba636f77166f98fc123ef421b80138ed2e...76f86226321f0fb63e9f56132365f7f87229f54b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/dcb266ba636f77166f98fc123ef421b80138ed2e...76f86226321f0fb63e9f56132365f7f87229f54b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250404/3a417de8/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list