[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ef58f973 by Moritz Muehlenhoff at 2025-12-06T16:39:00+01:00
trixie/bookworm triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -871,18 +871,26 @@ CVE-2025-40216 (In the Linux kernel, the following vulnerability has been resolv
 	NOTE: https://git.kernel.org/linus/3a3c6d61577dbb23c09df3e21f6f9eda1ecd634b (6.16-rc4)
 CVE-2025-66200 (mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in  ...)
 	- apache2 2.4.66-1 (bug #1121926)
+	[trixie] - apache2 <no-dsa> (Minor issue)
+	[bookworm] - apache2 <no-dsa> (Minor issue)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-66200
 CVE-2025-65082 (Improper Neutralization of Escape, Meta, or Control Sequences vulnerab ...)
 	- apache2 2.4.66-1 (bug #1121926)
+	[trixie] - apache2 <no-dsa> (Minor issue)
+	[bookworm] - apache2 <no-dsa> (Minor issue)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-65082
 CVE-2025-59775 (Server-Side Request Forgery (SSRF) vulnerability   in Apache HTTP Serv ...)
 	- apache2 <not-affected> (Only affects Apache on Windows)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-59775
 CVE-2025-58098 (Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI)  ...)
 	- apache2 2.4.66-1 (bug #1121926)
+	[trixie] - apache2 <no-dsa> (Minor issue)
+	[bookworm] - apache2 <no-dsa> (Minor issue)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-58098
 CVE-2025-55753 (An integer overflow in the case of failed ACME certificate renewal lea ...)
 	- apache2 2.4.66-1 (bug #1121926)
+	[trixie] - apache2 <no-dsa> (Minor issue)
+	[bookworm] - apache2 <no-dsa> (Minor issue)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-55753
 CVE-2025-40215 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
 	- linux 6.16.3-1
@@ -1087,7 +1095,9 @@ CVE-2025-12358 (The ShopEngine Elementor WooCommerce Builder Addon plugin for Wo
 CVE-2025-12084 (When building nested elements using xml.dom.minidom methods such as ap ...)
 	- python3.14 <unfixed>
 	- python3.13 <unfixed>
+	[trixie] - python3.13 <no-dsa> (Minor issue)
 	- python3.11 <removed>
+	[bookworm] - python3.11 <no-dsa> (Minor issue)
 	- python3.9 <removed>
 	- python2.7 <removed>
 	- pypy3 <unfixed>
@@ -1749,7 +1759,9 @@ CVE-2025-20085 (A denial of service vulnerability exists in the Modbus RTU over
 CVE-2025-13837 (When loading a plist file, the plistlib module reads data in size spec ...)
 	- python3.14 <unfixed>
 	- python3.13 <unfixed>
+	[trixie] - python3.13 <no-dsa> (Minor issue)
 	- python3.11 <removed>
+	[bookworm] - python3.11 <no-dsa> (Minor issue)
 	- python3.9 <removed>
 	NOTE: https://github.com/python/cpython/issues/119342
 	NOTE: https://github.com/python/cpython/pull/119343
@@ -1759,7 +1771,9 @@ CVE-2025-13837 (When loading a plist file, the plistlib module reads data in siz
 CVE-2025-13836 (When reading an HTTP response from a server, if no read amount is spec ...)
 	- python3.14 <unfixed>
 	- python3.13 <unfixed>
+	[trixie] - python3.13 <no-dsa> (Minor issue)
 	- python3.11 <removed>
+	[bookworm] - python3.11 <no-dsa> (Minor issue)
 	- python3.9 <removed>
 	NOTE: https://github.com/python/cpython/issues/119451
 	NOTE: https://github.com/python/cpython/pull/119454



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef58f9738dcc57be49f0cccc1c273b956e244296

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef58f9738dcc57be49f0cccc1c273b956e244296
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251206/32bb39f7/attachment.htm>