[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add rule for MyBB

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
975bdb14 by Moritz Muehlenhoff at 2025-04-18T13:41:15+02:00
auto-nfu: Add rule for MyBB

- - - - -
ea8eb15b by Moritz Muehlenhoff at 2025-04-18T13:42:41+02:00
NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-42599 (Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-b ...)
-	TODO: check
+	NOT-FOR-US: Active! mail
 CVE-2025-40325 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux <unfixed>
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -106,31 +106,31 @@ CVE-2025-2613 (The Login Manager \u2013 Design Login Page, View Login Activity,
 CVE-2025-2162 (The MapPress Maps for WordPress plugin before 2.94.10 does not sanitis ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-29461 (An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensit ...)
-	TODO: check
+	NOT-FOR-US: a-blogcms
 CVE-2025-29460 (An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive i ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2025-29459 (An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive i ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2025-29458 (An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive i ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2025-29457 (An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive i ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2025-29456 (An issue in personal-management-system Personal Management System 1.4. ...)
-	TODO: check
+	NOT-FOR-US: Personal Management System
 CVE-2025-29455 (An issue in personal-management-system Personal Management System 1.4. ...)
-	TODO: check
+	NOT-FOR-US: Personal Management System
 CVE-2025-29454 (An issue in personal-management-system Personal Management System 1.4. ...)
-	TODO: check
+	NOT-FOR-US: Personal Management System
 CVE-2025-29453 (An issue in personal-management-system Personal Management System 1.4. ...)
-	TODO: check
+	NOT-FOR-US: Personal Management System
 CVE-2025-29452 (An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensit ...)
-	TODO: check
+	NOT-FOR-US: Seo Panel
 CVE-2025-29451 (An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensit ...)
-	TODO: check
+	NOT-FOR-US: Seo Panel
 CVE-2025-29450 (An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtai ...)
-	TODO: check
+	NOT-FOR-US: twonav
 CVE-2025-29449 (An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtai ...)
-	TODO: check
+	NOT-FOR-US: twonav
 CVE-2025-25427 (A Stored cross-site scripting (XSS) vulnerability in upnp page of the  ...)
 	NOT-FOR-US: TP-Link
 CVE-2025-1863 (Insecure default settings have been found in recorder products provide ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -250,6 +250,8 @@
   description: '.*\b(?i:Netgear)\b.*'
 - reason: Linksys
   description: '.*\b(?i:Linksys)\b.*'
+- reason: MyBB
+  description: '.*\bMyBB\b.*'
 - reason: OpenEMR
   description: '.*\bOpenEMR\b.*'
 - reason: PHPGurukul



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8b9b9ca6d1b1fbc49d10a9c3b29ec78458b70777...ea8eb15b768ea3ead217b269a1b00d58885fb887

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8b9b9ca6d1b1fbc49d10a9c3b29ec78458b70777...ea8eb15b768ea3ead217b269a1b00d58885fb887
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250418/0f0b3511/attachment.htm>