[Git][security-tracker-team/security-tracker][master] Add CVE-2025-54989/firebird

Fri Aug 15 21:58:12 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c8d9afd by Salvatore Bonaccorso at 2025-08-15T22:57:44+02:00
Add CVE-2025-54989/firebird

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -75,7 +75,11 @@ CVE-2025-55207 (Astro is a web framework for content-driven websites. Following
 CVE-2025-55203 (Plane is open-source project management software. Prior to version 0.2 ...)
 	NOT-FOR-US: Plane
 CVE-2025-54989 (Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, an ...)
-	TODO: check
+	- firebird3.0 <unfixed>
+	- firebird4.0 <unfixed>
+	NOTE: https://github.com/FirebirdSQL/firebird/security/advisories/GHSA-7qp6-hqxj-pjjp
+	NOTE: https://github.com/FirebirdSQL/firebird/issues/8554
+	NOTE: Fixed by: https://github.com/FirebirdSQL/firebird/commit/169da595f8693fc1a65a79c741724b1bc8db9f25
 CVE-2025-54475 (A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4 ...)
 	NOT-FOR-US: Joomla
 CVE-2025-54474 (A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joom ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c8d9afd503b95e1c1154958f5ad79d20fa6f78e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c8d9afd503b95e1c1154958f5ad79d20fa6f78e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250815/3aa70447/attachment.htm>
