[Git][security-tracker-team/security-tracker][master] Remove annotations for trixie for hoteldruid
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 24 09:16:52 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cc3ee4d9 by Salvatore Bonaccorso at 2025-04-24T10:16:35+02:00
Remove annotations for trixie for hoteldruid
hoteldruid is out of trixie and we are now in soft-freeze so the package
won't re-enter testing and trixie anymore.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14555,19 +14555,16 @@ CVE-2025-25925 (A stored cross-scripting (XSS) vulnerability in Openmrs v2.4.3 B
NOT-FOR-US: Openmrs
CVE-2025-25749 (An issue in HotelDruid version 3.0.7 and earlier allows users to set w ...)
- hoteldruid <unfixed> (bug #1101015)
- [trixie] - hoteldruid <no-dsa> (Minor issue)
[bookworm] - hoteldruid <no-dsa> (Minor issue)
[bullseye] - hoteldruid <postponed> (Minor issue)
NOTE: https://www.huyvo.net/post/cve-2025-25749-weak-password-policy-in-hoteldruid-3-0-7
CVE-2025-25748 (A CSRF vulnerability in the gestione_utenti.php endpoint of HotelDruid ...)
- hoteldruid <unfixed> (bug #1101015)
- [trixie] - hoteldruid <no-dsa> (Minor issue)
[bookworm] - hoteldruid <no-dsa> (Minor issue)
[bullseye] - hoteldruid <postponed> (Minor issue)
NOTE: https://www.huyvo.net/post/cve-2025-25748-cross-site-request-forgery-csrf-vulnerability-in-hoteldruid-3-0-7
CVE-2025-25747 (Cross Site Scripting vulnerability in DigitalDruid HotelDruid v.3.0.7 ...)
- hoteldruid <unfixed> (bug #1101015)
- [trixie] - hoteldruid <no-dsa> (Minor issue)
[bookworm] - hoteldruid <no-dsa> (Minor issue)
[bullseye] - hoteldruid <postponed> (Minor issue)
NOTE: https://www.huyvo.net/post/cve-2025-25747-reflected-xss-vulnerability-in-hoteldruid-3-0-7
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc3ee4d99e84414f272374ed83fa96d9dc6c58ce
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc3ee4d99e84414f272374ed83fa96d9dc6c58ce
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250424/94641a87/attachment.htm>
More information about the debian-security-tracker-commits
mailing list