[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Apr 27 21:11:57 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
62ccc346 by security tracker role at 2025-04-27T20:11:49+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2025-46688 (quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadB ...)
+ TODO: check
+CVE-2025-46687 (quickjs-ng through 0.9.0 has a missing length check in JS_ReadString f ...)
+ TODO: check
+CVE-2025-46657 (Karaz Karazal through 2025-04-14 allows reflected XSS via the lang par ...)
+ TODO: check
+CVE-2025-3984 (A vulnerability was found in Apereo CAS 5.2.6 and classified as critic ...)
+ TODO: check
+CVE-2025-3983 (A vulnerability has been found in AMTT Hotel Broadband Operation Syste ...)
+ TODO: check
+CVE-2025-3982 (A vulnerability, which was classified as problematic, was found in nor ...)
+ TODO: check
+CVE-2025-3981 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2025-3980 (A vulnerability classified as problematic was found in wowjoy \u6d59\u ...)
+ TODO: check
+CVE-2025-3979 (A vulnerability classified as problematic has been found in dazhouda l ...)
+ TODO: check
+CVE-2025-3978 (A vulnerability was found in dazhouda lecms 3.0.3. It has been rated a ...)
+ TODO: check
+CVE-2025-3977 (A vulnerability was found in iteachyou Dreamer CMS up to 4.1.3. It has ...)
+ TODO: check
+CVE-2025-3976 (A vulnerability was found in PHPGurukul COVID19 Testing Management Sys ...)
+ TODO: check
+CVE-2025-3975 (A vulnerability was found in ScriptAndTools eCommerce-website-in-PHP 3 ...)
+ TODO: check
+CVE-2025-3974 (A vulnerability has been found in PHPGurukul COVID19 Testing Managemen ...)
+ TODO: check
+CVE-2025-3973 (A vulnerability, which was classified as critical, was found in PHPGur ...)
+ TODO: check
+CVE-2025-3972 (A vulnerability, which was classified as critical, has been found in P ...)
+ TODO: check
+CVE-2025-3971 (A vulnerability classified as critical was found in PHPGurukul COVID19 ...)
+ TODO: check
+CVE-2025-3970 (A vulnerability classified as problematic has been found in baseweb JS ...)
+ TODO: check
+CVE-2025-3969 (A vulnerability was found in codeprojects News Publishing Site Dashboa ...)
+ TODO: check
+CVE-2025-3968 (A vulnerability was found in codeprojects News Publishing Site Dashboa ...)
+ TODO: check
+CVE-2025-3967 (A vulnerability was found in itwanger paicoding 1.0.3. It has been cla ...)
+ TODO: check
+CVE-2025-3966 (A vulnerability was found in itwanger paicoding 1.0.3 and classified a ...)
+ TODO: check
+CVE-2025-3965 (A vulnerability has been found in itwanger paicoding 1.0.3 and classif ...)
+ TODO: check
+CVE-2025-3964 (A vulnerability, which was classified as problematic, was found in wit ...)
+ TODO: check
+CVE-2025-3886 (An issue in CatoNetworks CatoClient before v.5.8.0 allows attackers to ...)
+ TODO: check
CVE-2025-46675 (In NASA CryptoLib before 1.3.2, the key state is not checked before us ...)
NOT-FOR-US: NASA CryptoLib
CVE-2025-46674 (NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work i ...)
@@ -1351,7 +1401,7 @@ CVE-2024-13926 (The WP-Syntax WordPress plugin through 1.2 does not properly han
NOT-FOR-US: WordPress plugin
CVE-2021-4455 (The Wordpress Plugin Smart Product Review plugin for WordPress is vuln ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-2866 [PDF signature forgery with adbe.pkcs7.sha1 SubFilter]
+CVE-2025-2866 (Improper Verification of Cryptographic Signature vulnerability in Libr ...)
- libreoffice 4:25.2.2-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2025-2866/
NOTE: Fixed by: https://gerrit.libreoffice.org/c/core/+/183059 (25.8.0.0.alpha0+)
@@ -1483,6 +1533,7 @@ CVE-2024-29643 (An issue in croogo v.3.0.2 allows an attacker to perform Host he
CVE-2024-11421
REJECTED
CVE-2025-37838 (In the Linux kernel, the following vulnerability has been resolved: H ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/e3f88665a78045fe35c7669d2926b8d97b892c11 (6.15-rc1)
CVE-2025-40364 (In the Linux kernel, the following vulnerability has been resolved: i ...)
@@ -1533,9 +1584,11 @@ CVE-2025-39755 (In the Linux kernel, the following vulnerability has been resolv
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c1baf6528bcfd6a86842093ff3f8ff8caf309c12 (6.15-rc1)
CVE-2025-39735 (In the Linux kernel, the following vulnerability has been resolved: j ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/fdf480da5837c23b146c4743c18de97202fcab37 (6.15-rc1)
CVE-2025-39728 (In the Linux kernel, the following vulnerability has been resolved: c ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/d19d7345a7bcdb083b65568a11b11adffe0687af (6.15-rc1)
CVE-2025-39688 (In the Linux kernel, the following vulnerability has been resolved: n ...)
@@ -1550,9 +1603,11 @@ CVE-2025-39470 (Path Traversal: '.../...//' vulnerability in ThimPress Ivy Schoo
CVE-2025-39469 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-38637 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/ce8fe975fd99b49c29c42e50f2441ba53112b2e8 (6.15-rc1)
CVE-2025-38575 (In the Linux kernel, the following vulnerability has been resolved: k ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6171063e9d046ffa46f51579b2ca4a43caef581a (6.15-rc1)
@@ -1567,6 +1622,7 @@ CVE-2025-38240 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/106a6de46cf4887d535018185ec528ce822d6d84 (6.15-rc1)
CVE-2025-38152 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/efdde3d73ab25cef4ff2d06783b0aad8b093c0e4 (6.15-rc1)
@@ -1591,6 +1647,7 @@ CVE-2025-37860 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8241ecec1cdc6699ae197d52d58e76bddd995fa5 (6.15-rc1)
CVE-2025-37785 (In the Linux kernel, the following vulnerability has been resolved: e ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/d5e206778e96e8667d3bde695ad372c296dc9353 (6.15-rc1)
CVE-2025-2613 (The Login Manager \u2013 Design Login Page, View Login Activity, Limit ...)
@@ -2722,6 +2779,7 @@ CVE-2024-22036 (A vulnerability has been identified within Rancher where a clust
CVE-2023-32197 (A Improper Privilege Management vulnerability in SUSE rancher in RoleT ...)
NOT-FOR-US: Rancher
CVE-2025-23138 (In the Linux kernel, the following vulnerability has been resolved: w ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/f13abc1e8e1a3b7455511c4e122750127f6bc9b0 (6.15-rc1)
CVE-2025-23137 (In the Linux kernel, the following vulnerability has been resolved: c ...)
@@ -2730,6 +2788,7 @@ CVE-2025-23137 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/426db24d4db2e4f0d6720aeb7795eafcb9e82640 (6.15-rc1)
CVE-2025-23136 (In the Linux kernel, the following vulnerability has been resolved: t ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/2542a3f70e563a9e70e7ded314286535a3321bdb (6.15-rc1)
CVE-2025-23135 (In the Linux kernel, the following vulnerability has been resolved: R ...)
@@ -2768,6 +2827,7 @@ CVE-2025-22127 (In the Linux kernel, the following vulnerability has been resolv
- linux <unfixed>
NOTE: https://git.kernel.org/linus/3147ee567dd9004a49826ddeaf0a4b12865d4409 (6.15-rc1)
CVE-2025-22126 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ {DSA-5907-1}
- linux 6.12.22-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8542870237c3a48ff049b6c5df5f50c8728284fa (6.15-rc1)
@@ -2895,6 +2955,7 @@ CVE-2025-22098 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f887685ee0eb4ef716391355568181230338f6eb (6.15-rc1)
CVE-2025-22097 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ed15511a773df86205bda66c37193569575ae828 (6.15-rc1)
@@ -2904,6 +2965,7 @@ CVE-2025-22096 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0b305b7cadce835505bd93183a599acb1f800a05 (6.15-rc1)
CVE-2025-22095 (In the Linux kernel, the following vulnerability has been resolved: P ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3651ad5249c51cf7eee078e12612557040a6bdb4 (6.15-rc1)
@@ -2913,6 +2975,7 @@ CVE-2025-22094 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ff99d5b6a246715f2257123cdf6c4a29cb33aa78 (6.15-rc1)
CVE-2025-22093 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/42d9d7bed270247f134190ba0cb05bbd072f58c2 (6.15-rc1)
@@ -2930,10 +2993,12 @@ CVE-2025-22090 (In the Linux kernel, the following vulnerability has been resolv
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/dc84bc2aba85a1508f04a936f9f9a15f64ebfb31 (6.15-rc1)
CVE-2025-22089 (In the Linux kernel, the following vulnerability has been resolved: R ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a1ecb30f90856b0be4168ad51b8875148e285c1f (6.15-rc1)
CVE-2025-22088 (In the Linux kernel, the following vulnerability has been resolved: R ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/83437689249e6a17b25e27712fbee292e42e7855 (6.15-rc1)
@@ -2943,6 +3008,7 @@ CVE-2025-22087 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6ebc5030e0c5a698f1dd9a6684cddf6ccaed64a0 (6.15-rc1)
CVE-2025-22086 (In the Linux kernel, the following vulnerability has been resolved: R ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/5ed3b0cb3f827072e93b4c5b6e2b8106fd7cccbd (6.15-rc1)
CVE-2025-22085 (In the Linux kernel, the following vulnerability has been resolved: R ...)
@@ -2964,6 +3030,7 @@ CVE-2025-22082 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/035b4989211dc1c8626e186d655ae8ca5141bb73 (6.15-rc1)
CVE-2025-22081 (In the Linux kernel, the following vulnerability has been resolved: f ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5ad414f4df2294b28836b5b7b69787659d6aa708 (6.15-rc1)
@@ -2973,6 +3040,7 @@ CVE-2025-22080 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6bb81b94f7a9cba6bde9a905cef52a65317a8b04 (6.15-rc1)
CVE-2025-22079 (In the Linux kernel, the following vulnerability has been resolved: o ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/a406aff8c05115119127c962cbbbbd202e1973ef (6.15-rc1)
CVE-2025-22078 (In the Linux kernel, the following vulnerability has been resolved: s ...)
@@ -2991,6 +3059,7 @@ CVE-2025-22076 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/47e35366bc6fa3cf189a8305bce63992495f3efa (6.15-rc1)
CVE-2025-22075 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/23f00807619d15063d676218f36c5dfeda1eb420 (6.15-rc1)
CVE-2025-22074 (In the Linux kernel, the following vulnerability has been resolved: k ...)
@@ -2999,12 +3068,15 @@ CVE-2025-22074 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ddb7ea36ba7129c2ed107e2186591128618864e1 (6.15-rc1)
CVE-2025-22073 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/d1ca8698ca1332625d83ea0d753747be66f9906d (6.15-rc1)
CVE-2025-22072 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/c134deabf4784e155d360744d4a6a835b9de4dd4 (6.15-rc1)
CVE-2025-22071 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/0f5cce3fc55b08ee4da3372baccf4bcd36a98396 (6.15-rc1)
CVE-2025-22070 (In the Linux kernel, the following vulnerability has been resolved: f ...)
@@ -3027,6 +3099,7 @@ CVE-2025-22067 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7ba0847fa1c22e7801cebfe5f7b75aee4fae317e (6.15-rc1)
CVE-2025-22066 (In the Linux kernel, the following vulnerability has been resolved: A ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/93d34608fd162f725172e780b1c60cc93a920719 (6.15-rc1)
@@ -3041,6 +3114,7 @@ CVE-2025-22064 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/688c15017d5cd5aac882400782e7213d40dc3556 (6.15-rc1)
CVE-2025-22063 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/078aabd567de3d63d37d7673f714e309d369e6e2 (6.15-rc1)
CVE-2025-22062 (In the Linux kernel, the following vulnerability has been resolved: s ...)
@@ -3053,6 +3127,7 @@ CVE-2025-22061 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/57b290d97c6150774bf929117ca737a26d8fc33d (6.15-rc1)
CVE-2025-22060 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/96844075226b49af25a69a1d084b648ec2d9b08d (6.15-rc1)
CVE-2025-22059 (In the Linux kernel, the following vulnerability has been resolved: u ...)
@@ -3061,18 +3136,22 @@ CVE-2025-22059 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5a465a0da13ee9fbd7d3cd0b2893309b0fe4b7e3 (6.15-rc1)
CVE-2025-22058 (In the Linux kernel, the following vulnerability has been resolved: u ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/df207de9d9e7a4d92f8567e2c539d9c8c12fd99d (6.15-rc1)
CVE-2025-22057 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/3a0a3ff6593d670af2451ec363ccb7b18aec0c0a (6.15-rc1)
CVE-2025-22056 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/1b755d8eb1ace3870789d48fbd94f386ad6e30be (6.15-rc1)
CVE-2025-22055 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/b27055a08ad4b415dcf15b63034f9cb236f7fb40 (6.15-rc1)
CVE-2025-22054 (In the Linux kernel, the following vulnerability has been resolved: a ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/fda8c491db2a90ff3e6fbbae58e495b4ddddeca3 (6.15-rc1)
CVE-2025-22053 (In the Linux kernel, the following vulnerability has been resolved: n ...)
@@ -3089,10 +3168,12 @@ CVE-2025-22051 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8491e73a5223acb0a4b4d78c3f8b96aa9c5e774d (6.15-rc1)
CVE-2025-22050 (In the Linux kernel, the following vulnerability has been resolved: u ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/51de3600093429e3b712e5f091d767babc5dd6df (6.15-rc1)
CVE-2025-22049 (In the Linux kernel, the following vulnerability has been resolved: L ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/4103cfe9dcb88010ae4911d3ff417457d1b6a720 (6.15-rc1)
CVE-2025-22048 (In the Linux kernel, the following vulnerability has been resolved: L ...)
@@ -3110,27 +3191,33 @@ CVE-2025-22046 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fa6192adc32f4fdfe5b74edd5b210e12afd6ecc0 (6.15-rc1)
CVE-2025-22045 (In the Linux kernel, the following vulnerability has been resolved: x ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/3ef938c3503563bfc2ac15083557f880d29c2e64 (6.15-rc1)
CVE-2025-22044 (In the Linux kernel, the following vulnerability has been resolved: a ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/2ff0e408db36c21ed3fa5e3c1e0e687c82cf132f (6.15-rc1)
CVE-2025-22043 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/542027e123fc0bfd61dd59e21ae0ee4ef2101b29 (6.15-rc1)
CVE-2025-22042 (In the Linux kernel, the following vulnerability has been resolved: k ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/bab703ed8472aa9d109c5f8c1863921533363dae (6.15-rc1)
CVE-2025-22041 (In the Linux kernel, the following vulnerability has been resolved: k ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/15a9605f8d69dc85005b1a00c31a050b8625e1aa (6.15-rc1)
CVE-2025-22040 (In the Linux kernel, the following vulnerability has been resolved: k ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/fa4cdb8cbca7d6cb6aa13e4d8d83d1103f6345db (6.15-rc1)
CVE-2025-22039 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/beff0bc9d69bc8e733f9bca28e2d3df5b3e10e42 (6.15-rc1)
CVE-2025-22038 (In the Linux kernel, the following vulnerability has been resolved: k ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/bf21e29d78cd2c2371023953d9c82dfef82ebb36 (6.15-rc1)
CVE-2025-22037 (In the Linux kernel, the following vulnerability has been resolved: k ...)
@@ -3142,6 +3229,7 @@ CVE-2025-22036 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1bb7ff4204b6d4927e982cd256286c09ed4fd8ca (6.15-rc1)
CVE-2025-22035 (In the Linux kernel, the following vulnerability has been resolved: t ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/7f81f27b1093e4895e87b74143c59c055c3b1906 (6.15-rc1)
CVE-2025-22034 (In the Linux kernel, the following vulnerability has been resolved: m ...)
@@ -3150,6 +3238,7 @@ CVE-2025-22034 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8977752c8056a6a094a279004a49722da15bace3 (6.15-rc1)
CVE-2025-22033 (In the Linux kernel, the following vulnerability has been resolved: a ...)
+ {DSA-5907-1}
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c28f31deeacda307acfee2f18c0ad904e5123aac (6.15-rc1)
@@ -3175,12 +3264,14 @@ CVE-2025-22028 (In the Linux kernel, the following vulnerability has been resolv
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/36cef585e2a31e4ddf33a004b0584a7a572246de (6.15-rc1)
CVE-2025-22027 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/f656cfbc7a293a039d6a0c7100e1c846845148c1 (6.15-rc1)
CVE-2025-22026 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/930b64ca0c511521f0abdd1d57ce52b2a6e3476b (6.15-rc1)
CVE-2025-22025 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/230ca758453c63bd38e4d9f4a21db698f7abada8 (6.15-rc1)
CVE-2025-22024 (In the Linux kernel, the following vulnerability has been resolved: n ...)
@@ -3204,6 +3295,7 @@ CVE-2024-58093 (In the Linux kernel, the following vulnerability has been resolv
- linux <unfixed>
NOTE: https://git.kernel.org/linus/cbf937dcadfd571a434f8074d057b32cd14fbea5 (6.15-rc1)
CVE-2023-53034 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ {DSA-5907-1}
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/de203da734fae00e75be50220ba5391e7beecdf9 (6.15-rc1)
CVE-2025-22023 (In the Linux kernel, the following vulnerability has been resolved: u ...)
@@ -3941,18 +4033,21 @@ CVE-2025-32931 (DevDojo Voyager 1.4.0 through 1.8.0, when Laravel 8 or later is
CVE-2025-32930
REJECTED
CVE-2025-32914 (A flaw was found in libsoup, where the soup_multipart_new_from_message ...)
+ {DLA-4140-1}
- libsoup3 <unfixed> (bug #1103267)
- libsoup2.4 <unfixed> (bug #1103512)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/436
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/450
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/commit/5bfcf8157597f2d327050114fb37ff600004dbcf
CVE-2025-32913 (A flaw was found in libsoup, where the soup_message_headers_get_conten ...)
+ {DLA-4140-1}
- libsoup3 3.6.4-1
- libsoup2.4 <unfixed> (bug #1103515)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/435
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/422
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/f4a761fb66512fff59798765e8ac5b9e57dceef0 (3.6.2)
CVE-2025-32912 (A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a N ...)
+ {DLA-4140-1}
- libsoup3 3.6.5-1
- libsoup2.4 <unfixed> (bug #1103516)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/434
@@ -3962,18 +4057,21 @@ CVE-2025-32912 (A flaw was found in libsoup, where SoupAuthDigest is vulnerable
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/cd077513f267e43ce4b659eb18a1734d8a369992 (3.6.5)
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/910ebdcd3dd82386717a201c13c834f3a63eed7f (3.6.5)
CVE-2025-32911 (A flaw was found in libsoup, which is vulnerable to a use-after-free m ...)
+ {DLA-4140-1}
- libsoup3 3.6.4-1
- libsoup2.4 <unfixed> (bug #1103515)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/433
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/422
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/f4a761fb66512fff59798765e8ac5b9e57dceef0 (3.6.2)
CVE-2025-32910 (A flaw was found in libsoup, where soup_auth_digest_authenticate() is ...)
+ {DLA-4140-1}
- libsoup3 3.6.4-1
- libsoup2.4 <unfixed> (bug #1103516)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/432
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/417
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/ea16eeacb052e423eb5c3b0b705e5eab34b13832 (3.6.2)
CVE-2025-32909 (A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a ...)
+ {DLA-4140-1}
- libsoup3 3.6.4-1
- libsoup2.4 <unfixed> (bug #1103517)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/431
@@ -3992,6 +4090,7 @@ CVE-2025-32907 (A flaw was found in libsoup. The implementation of HTTP range re
NOTE: See also https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452
NOTE: Upstream also claims there are multiple worse DoS problems, so questions the usefulness of this fix.
CVE-2025-32906 (A flaw was found in libsoup, where the soup_headers_parse_request() fu ...)
+ {DLA-4140-1}
- libsoup3 3.6.5-1
- libsoup2.4 <unfixed> (bug #1103521)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/404
@@ -6982,6 +7081,7 @@ CVE-2025-3155 (A flaw was found in Yelp. The Gnome user help application allows
CVE-2025-32054 (In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could b ...)
- intellij-idea <itp> (bug #747616)
CVE-2025-32052 (A flaw was found in libsoup. A vulnerability in the sniff_unknown() fu ...)
+ {DLA-4140-1}
- libsoup3 3.6.1-1
- libsoup2.4 2.74.3-10 (bug #1102214)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/425
@@ -6994,6 +7094,7 @@ CVE-2025-32051 (A flaw was found in libsoup. The libsoup soup_uri_decode_data_ur
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/79cfd65c9bd8024cd45dd725c284766329873709 (3.6.1)
NOTE: soup_uri_decode_data_uri introduced in https://gitlab.gnome.org/GNOME/libsoup/-/commit/9f42c7b8dc1d099b1464070ca993189bf7a3cdd0 (2.99.1)
CVE-2025-32050 (A flaw was found in libsoup. The libsoup append_param_quoted() functio ...)
+ {DLA-4140-1}
- libsoup3 3.6.1-1
- libsoup2.4 2.74.3-10 (bug #1102212)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/424
@@ -7276,6 +7377,7 @@ CVE-2025-30080 (Signalling in Pexip Infinity 29 through 36.2 before 37.0 has imp
CVE-2025-2874 (The User Submitted Posts \u2013 Enable Users to Submit Posts from the ...)
NOT-FOR-US: WordPress plugin
CVE-2025-2784 (A flaw was found in libsoup. The package is vulnerable to a heap buffe ...)
+ {DLA-4140-1}
- libsoup3 3.6.5-1
- libsoup2.4 2.74.3-10 (bug #1102208)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/422
@@ -7283,6 +7385,7 @@ CVE-2025-2784 (A flaw was found in libsoup. The package is vulnerable to a heap
NOTE: Depends on: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/435
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/commit/242a10fbb12dbdc12d254bd8fc8669a0ac055304 (3.6.5)
CVE-2025-32053 (A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() a ...)
+ {DLA-4140-1}
- libsoup3 3.6.1-1
- libsoup2.4 2.74.3-10 (bug #1102215)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/426
@@ -14801,6 +14904,7 @@ CVE-2025-21854 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8fb5bb169d17cdd12c2dcc2e96830ed487d77a0f (6.14-rc4)
CVE-2025-21853 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ {DSA-5907-1}
- linux 6.12.17-1
NOTE: https://git.kernel.org/linus/bc27c52eea189e8f7492d40739b7746d67b65beb (6.14-rc4)
CVE-2025-21852 (In the Linux kernel, the following vulnerability has been resolved: n ...)
@@ -59052,6 +59156,7 @@ CVE-2024-50064 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/684826f8271ad97580b138b9ffd462005e470b99 (6.12-rc1)
CVE-2024-50063 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ {DSA-5907-1}
- linux 6.11.4-1
NOTE: https://git.kernel.org/linus/28ead3eaabc16ecc907cfb71876da028080f6356 (6.12-rc1)
CVE-2024-50062 (In the Linux kernel, the following vulnerability has been resolved: R ...)
@@ -65650,6 +65755,7 @@ CVE-2024-46824 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a11dda723c6493bb1853bbc61c093377f96e2d47 (6.11-rc1)
CVE-2024-46823 (In the Linux kernel, the following vulnerability has been resolved: k ...)
+ {DSA-5907-1}
- linux 6.10.11-1
NOTE: https://git.kernel.org/linus/92e9bac18124682c4b99ede9ee3bcdd68f121e92 (6.11-rc4)
CVE-2024-46822 (In the Linux kernel, the following vulnerability has been resolved: a ...)
@@ -65678,6 +65784,7 @@ CVE-2024-46817 (In the Linux kernel, the following vulnerability has been resolv
- linux 6.10.9-1
NOTE: https://git.kernel.org/linus/84723eb6068c50610c5c0893980d230d7afa2105 (6.11-rc1)
CVE-2024-46816 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ {DSA-5907-1}
- linux 6.10.9-1
NOTE: https://git.kernel.org/linus/cf8b16857db702ceb8d52f9219a4613363e2b1cf (6.11-rc1)
CVE-2024-46815 (In the Linux kernel, the following vulnerability has been resolved: d ...)
@@ -67336,6 +67443,7 @@ CVE-2024-46775 (In the Linux kernel, the following vulnerability has been resolv
- linux 6.10.11-1
NOTE: https://git.kernel.org/linus/673f816b9e1e92d1f70e1bf5f21b531e0ff9ad6c (6.11-rc1)
CVE-2024-46774 (In the Linux kernel, the following vulnerability has been resolved: p ...)
+ {DSA-5907-1}
- linux 6.10.11-1
NOTE: https://git.kernel.org/linus/0974d03eb479384466d828d65637814bee6b26d7 (6.11-rc1)
CVE-2024-46773 (In the Linux kernel, the following vulnerability has been resolved: d ...)
@@ -67415,6 +67523,7 @@ CVE-2024-46754 (In the Linux kernel, the following vulnerability has been resolv
- linux 6.10.11-1
NOTE: https://git.kernel.org/linus/c13fda93aca118b8e5cd202e339046728ee7dddb (6.11-rc1)
CVE-2024-46753 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ {DSA-5907-1}
- linux 6.10.11-1
NOTE: https://git.kernel.org/linus/5eb178f373b4f16f3b42d55ff88fc94dd95b93b1 (6.11-rc1)
CVE-2024-46752 (In the Linux kernel, the following vulnerability has been resolved: b ...)
@@ -67458,6 +67567,7 @@ CVE-2024-46743 (In the Linux kernel, the following vulnerability has been resolv
- linux 6.10.11-1
NOTE: https://git.kernel.org/linus/b739dffa5d570b411d4bdf4bb9b8dfd6b7d72305 (6.11-rc4)
CVE-2024-46742 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ {DSA-5907-1}
- linux 6.10.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4e8771a3666c8f216eefd6bd2fd50121c6c437db (6.11-rc5)
@@ -67498,6 +67608,7 @@ CVE-2024-46734 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/cd9253c23aedd61eb5ff11f37a36247cd46faf86 (6.11-rc7)
CVE-2024-46733 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ {DSA-5907-1}
- linux 6.10.9-1
NOTE: https://git.kernel.org/linus/30479f31d44d47ed00ae0c7453d9b253537005b2 (6.11-rc3)
CVE-2024-46732 (In the Linux kernel, the following vulnerability has been resolved: d ...)
@@ -95013,6 +95124,7 @@ CVE-2024-36909 (In the Linux kernel, the following vulnerability has been resolv
[bookworm] - linux 6.1.94-1
NOTE: https://git.kernel.org/linus/30d18df6567be09c1433e81993e35e3da573ac48 (6.9-rc4)
CVE-2024-36908 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ {DSA-5907-1}
- linux 6.8.11-1
NOTE: https://git.kernel.org/linus/01bc4fda9ea0a6b52f12326486f07a4910666cf6 (6.9-rc5)
CVE-2024-36907 (In the Linux kernel, the following vulnerability has been resolved: S ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62ccc346c04a39d3b4b72cab7939b052021ab935
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62ccc346c04a39d3b4b72cab7939b052021ab935
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250427/869173d1/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list