[Git][security-tracker-team/security-tracker][master] 2 commits: Drop files suffix and directly refer to pull request

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 10 05:22:59 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b584a0ac by Salvatore Bonaccorso at 2025-12-10T06:18:54+01:00
Drop files suffix and directly refer to pull request

- - - - -
73b5b088 by Salvatore Bonaccorso at 2025-12-10T06:18:55+01:00
Wrap note for CVE-2025-12183

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3880,7 +3880,7 @@ CVE-2025-13505 (Improper Neutralization of Input During Web Page Generation (XSS
 CVE-2025-13353 (In gokey versions <0.2.0,  a flaw in the seed decryption logic resulte ...)
 	- gokey <unfixed> (bug #1121846)
 	NOTE: https://github.com/cloudflare/gokey/security/advisories/GHSA-69jw-4jj8-fcxm
-	NOTE: https://github.com/cloudflare/gokey/pull/79/files
+	NOTE: https://github.com/cloudflare/gokey/pull/79
 CVE-2025-13295 (Insertion of Sensitive Information Into Sent Data vulnerability in Arg ...)
 	NOT-FOR-US: BILGER
 CVE-2025-13090 (The WP Directory Kit plugin for WordPress is vulnerable to SQL Injecti ...)
@@ -4484,7 +4484,8 @@ CVE-2025-12638 (Keras version 3.11.3 is affected by a path traversal vulnerabili
 CVE-2025-12183 (Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier  ...)
 	- lz4-java <unfixed> (bug #1122026)
 	NOTE: https://www.openwall.com/lists/oss-security/2025/12/01/5
-	NOTE: Releases 1.8.1, 1.9.0, and 1.10.0 of yawkat LZ4 Java contain multiple sparsely documented patches to address this CVE.
+	NOTE: Releases 1.8.1, 1.9.0, and 1.10.0 of yawkat LZ4 Java contain multiple sparsely
+	NOTE: documented patches to address this CVE.
 CVE-2025-12143 (Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This ...)
 	NOT-FOR-US: ABB group
 CVE-2025-11156 (Netskope was notified about a potential gap in its agent (NS Client) o ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/10b6403b2e15aa416ccf0f9d2e953ddafce33774...73b5b0883f0f2b9df48f1817d7cef15f1d37b5f4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/10b6403b2e15aa416ccf0f9d2e953ddafce33774...73b5b0883f0f2b9df48f1817d7cef15f1d37b5f4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251210/e2e6bd84/attachment.htm>

More information about the debian-security-tracker-commits mailing list