[Git][security-tracker-team/security-tracker][master] Replace the CVE-2025-65187/civicrm note with a bullseye postponed entry

[Santiago R.R. (@santiago)]

Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43f0b77e by Santiago Ruano Rincón at 2025-12-15T14:17:57-03:00
Replace the CVE-2025-65187/civicrm note with a bullseye postponed entry

The note could get out-of-sync. Handling this as a release related data
makes it easier to keep track / drop it when situation changes.

Co-authored-by: Salvatore Bonaccorso <carnil at debian.org>

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5884,7 +5884,7 @@ CVE-2025-65215 (Sourcecodester Web-based Pharmacy Product Management System v1.0
 	NOT-FOR-US: SourceCodester
 CVE-2025-65187 (A Stored Cross Site Scripting vulnerability exists in CiviCRM before v ...)
 	- civicrm <removed>
-	NOTE: Vulnerability still open in release 6.9.0. Revisit when fixed upstream.
+	[bullseye] - civicrm <postponed> (Reevaluate when fixed upstream)
 CVE-2025-65186 (Grav CMS 1.7.49 is vulnerable to Cross Site Scripting (XSS). The page  ...)
 	NOT-FOR-US: Grav CMS
 CVE-2025-65105 (Apptainer is an open source container platform. In Apptainer versions  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43f0b77e9291ab2044328f9cd74a85405ce9611a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43f0b77e9291ab2044328f9cd74a85405ce9611a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251215/c3463cb4/attachment.htm>