[Git][security-tracker-team/security-tracker][master] 3 commits: lts: mark CVE-2025-55816/bullseye as postponed

Daniel Leidert (@dleidert) dleidert at debian.org
Sun Dec 14 00:51:48 GMT 2025 


Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7ca0c23f by Daniel Leidert at 2025-12-14T01:44:23+01:00
lts: mark CVE-2025-55816/bullseye as postponed

- - - - -
48141067 by Daniel Leidert at 2025-12-14T01:49:26+01:00
dla: add python-tornado

- - - - -
735e7f1f by Daniel Leidert at 2025-12-14T01:50:04+01:00
dla: claim python-tornado

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -521,6 +521,7 @@ CVE-2025-57883 (Reflected cross-site scripting vulnerability exists in GroupSess
 CVE-2025-55816 (HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting (XS ...)
 	- hoteldruid <unfixed> (bug #1122815)
 	[bookworm] - hoteldruid <no-dsa> (Minor issue)
+	[bullseye] - hoteldruid <postponed> (Minor issue)
 	NOTE: https://www.partywave.site/show/research/cve-2025-55816-xss-and-raptx
 CVE-2025-55184 (A pre-authentication denial of service vulnerability exists in React S ...)
 	NOT-FOR-US: React Server Components


=====================================
data/dla-needed.txt
=====================================
@@ -354,6 +354,9 @@ python-django (Chris Lamb)
 python-mechanize (dleidert)
   NOTE: 20251206: Added by Front-Desk. Avoid a regression from buster (rouca)
 --
+python-tornado (dleidert)
+  NOTE: 20251214: Added by Front-Desk (dleidert)
+--
 python-urllib3 (guilhem)
   NOTE: 20251208: Added by Front-Desk (dleidert)
   NOTE: 20251208: wait for secteam's triage of CVE-2025-66418 and CVE-2025-66471 (dleidert/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bef054b7da1425fabbb9411d4d2ea198bd34f869...735e7f1f6d3856845904b399e5ec07da7e05848b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bef054b7da1425fabbb9411d4d2ea198bd34f869...735e7f1f6d3856845904b399e5ec07da7e05848b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251214/73c9fb52/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list