[Git][security-tracker-team/security-tracker][master] lts: triage rhino/CVE-2025-66453 and add patch link
Daniel Leidert (@dleidert)
dleidert at debian.org
Tue Dec 9 08:34:23 GMT 2025
Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker
Commits:
40c9dda7 by Daniel Leidert at 2025-12-09T09:33:59+01:00
lts: triage rhino/CVE-2025-66453 and add patch link
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2528,6 +2528,9 @@ CVE-2025-66478
CVE-2025-66453 (Rhino is an open-source implementation of JavaScript written entirely ...)
- rhino <unfixed> (bug #1121953)
NOTE: https://github.com/mozilla/rhino/security/advisories/GHSA-3w8q-xq97-5j7x
+ NOTE: Fixed by: https://github.com/mozilla/rhino/commit/b333c3ec7a86409d62b0aab315129584fe18cb9e (Rhino1_7_15_1_Release)
+ NOTE: Fixed by: https://github.com/mozilla/rhino/commit/2bcf4c43deace35f1f57d86377c6767b0608986e (Rhino1_7_14_1_Release)
+ NOTE: Merge conflict has been resolved as part of https://github.com/mozilla/rhino/commit/0ff0bbebde8b7606428041db47d89629a922464d (Rhino1_7_14_1_Release)
CVE-2025-66431 (WebPros Plesk before 18.0.73.5 and 18.0.74 before 18.0.74.2 on Linux a ...)
NOT-FOR-US: WebPros Plesk
CVE-2025-66411 (Coder allows organizations to provision remote development environment ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40c9dda75c607b2b43997e946d22928a2635637b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40c9dda75c607b2b43997e946d22928a2635637b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251209/6843ea76/attachment.htm>
More information about the debian-security-tracker-commits
mailing list