[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-48072

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Aug 2 07:44:42 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
653a1a63 by Salvatore Bonaccorso at 2025-08-02T08:44:23+02:00
Update status for CVE-2025-48072

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -185,10 +185,10 @@ CVE-2025-48073 (OpenEXR provides the specification and reference implementation
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-qhpm-86v7-phmm
 	TODO: check details
 CVE-2025-48072 (OpenEXR provides the specification and reference implementation of the ...)
-	- openexr <unfixed>
+	- openexr <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-4r7w-q3jg-ff43
-	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/2d09449427b13a05f7c31a98ab2c4347c23db361 (v3.3.3-rc)
-	TODO: check details
+	NOTE: Introduced with: https://github.com/AcademySoftwareFoundation/openexr/commit/0d1b3dad451317b609bf61748dfb4d0c0cc38d5c (v3.3.3-rc)
+	NOTE: Fixed by: https://github.com/AcademySoftwareFoundation/openexr/commit/2d09449427b13a05f7c31a98ab2c4347c23db361 (v3.3.3-rc)
 CVE-2025-48071 (OpenEXR provides the specification and reference implementation of the ...)
 	- openexr <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-h45x-qhg2-q375



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/653a1a63691f8c810134c5085e9a9a73f3d1f2f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/653a1a63691f8c810134c5085e9a9a73f3d1f2f9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250802/06382e13/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list