[Git][security-tracker-team/security-tracker][master] bookworm/trixie triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Aug 28 13:59:37 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f88b9296 by Moritz Muehlenhoff at 2025-08-28T14:58:22+02:00
bookworm/trixie triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -196,6 +196,7 @@ CVE-2024-37777 (O2OA v9.0.3 was discovered to contain a remote code execution (R
NOT-FOR-US: O2OA
CVE-2025-58050 (The PCRE2 library is a set of C functions that implement regular expre ...)
- pcre2 10.46-1 (bug #1112278)
+ [trixie] - pcre2 <no-dsa> (Minor issue, will be fixed via point release)
[bookworm] - pcre2 <not-affected> (Vulnerable code not present)
[bullseye] - pcre2 <not-affected> (Vulnerable code not present)
NOTE: Introduced with: https://github.com/PCRE2Project/pcre2/commit/237899fd0e35709b4cf767e06a19e569e1888f74 (pcre2-10.45-RC1)
@@ -4326,6 +4327,7 @@ CVE-2025-55197 (pypdf is a free and open-source pure-python PDF library. Prior t
[trixie] - pypdf <no-dsa> (Minor issue)
[bookworm] - pypdf <no-dsa> (Minor issue)
- pypdf2 <removed>
+ [bookworm] - pypdf2 <no-dsa> (Minor issue)
NOTE: https://github.com/py-pdf/pypdf/security/advisories/GHSA-7hfw-26vp-jp8m
NOTE: https://github.com/py-pdf/pypdf/issues/3429
NOTE: https://github.com/py-pdf/pypdf/pull/3430
=====================================
data/dsa-needed.txt
=====================================
@@ -28,8 +28,6 @@ cpp-httplib
gh/oldstable
Santiago Vila might work on preparing an update
--
-guix
---
imagemagick (aron)
--
intel-microcode (carnil)
@@ -57,7 +55,7 @@ nodejs/oldstable (jmm)
opennds/oldstable
pinged maintainer, but no reply yet. should most probably be bumped to 10.x
--
-pagure/oldstable
+pagure/oldstable (jmm)
--
php-laravel-framework/oldstable
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f88b9296b00e90661c4f9ef9804d796271e58125
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f88b9296b00e90661c4f9ef9804d796271e58125
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250828/2b75a01b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list