[Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for ChurchCRM
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Dec 18 08:39:07 GMT 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a5de9067 by Moritz Muehlenhoff at 2025-12-18T09:38:48+01:00
auto-nfu: Add rule for ChurchCRM
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -18,13 +18,13 @@ CVE-2025-68432 (Zed, a code editor, has an aribtrary code execution vulnerabilit
CVE-2025-68429 (Storybook is a frontend workshop for building user interface component ...)
TODO: check
CVE-2025-68401 (ChurchCRM is an open-source church management system. Prior to version ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68400 (ChurchCRM is an open-source church management system. A SQL Injection ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68399 (ChurchCRM is an open-source church management system. In versions prio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68275 (ChurchCRM is an open-source church management system. Versions prior t ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68147 (Open Source Point of Sale (opensourcepos) is a web based point of sale ...)
TODO: check
CVE-2025-68145 (In mcp-server-git versions prior to 2025.12.17, when the server is sta ...)
@@ -40,19 +40,19 @@ CVE-2025-68118 (FreeRDP is a free implementation of the Remote Desktop Protocol.
CVE-2025-68114 (Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prio ...)
TODO: check
CVE-2025-68112 (ChurchCRM is an open-source church management system. In versions prio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68111 (ChurchCRM is an open-source church management system. In versions prio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68110 (ChurchCRM is an open-source church management system. Versions prior t ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-68109 (ChurchCRM is an open-source church management system. In versions prio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-67877 (ChurchCRM is an open-source church management system. Versions prior t ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-67876 (ChurchCRM is an open-source church management system. A stored cross-s ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-67875 (ChurchCRM is an open-source church management system. A privilege esca ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-67873 (Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prio ...)
TODO: check
CVE-2025-67794 (An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2 before ...)
=====================================
data/packages/nfu.yaml
=====================================
@@ -633,6 +633,8 @@
description: '.*\b(?i:Code\s?Astro)\s.*\s(?i:(system))\b.*'
- reason: Campcodes
description: '.*\b(?i:campcodes)\s.*\s(?i:(system|portal))\b.*'
+- reason: ChurchCRM
+ description: '.*\b(?i:ChurchCRM)\b.*'
- reason: code-projects
description: '.*\b(?i:(code-projects|codeprojects))\s.*\s(?i:(forum|gallery|sharing|site|store|system|submission))\b.*'
- reason: CODESYS
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5de9067579ed318ded54b9424455bc42dfe81e9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5de9067579ed318ded54b9424455bc42dfe81e9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251218/187dce07/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list