[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Dec 23 22:50:10 GMT 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
60e3a153 by Moritz Muehlenhoff at 2025-12-23T23:49:59+01:00
trixie/bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33,8 +33,9 @@ CVE-2025-65865 (An integer overflow in eProsima Fast-DDS v3.3 allows attackers t
CVE-2025-65713 (Home Assistant Core before v2025.8.0 is vulnerable to Directory Traver ...)
NOT-FOR-US: Home Assistant Core
CVE-2025-65410 (A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 all ...)
- - unrtf <unfixed> (bug #1123911)
+ - unrtf <unfixed> (bug #1123911; unimportant)
NOTE: https://hg.savannah.gnu.org/hgweb/unrtf/rev/a5d3b025a8b1
+ NOTE: Crash in CLI tool, no security impact
CVE-2025-65354 (Improper input handling in /Grocery/search_products_itname.php inPunee ...)
NOT-FOR-US: inPuneethReddyHC event-management
CVE-2025-59886 (Improper input validation at one of the endpoints of Eaton xComfort EC ...)
@@ -188,11 +189,14 @@ CVE-2025-65856 (Authentication bypass vulnerability in Xiongmai XM530 IP cameras
CVE-2025-65817 (LSC Smart Connect Indoor IP Camera 1.4.13 contains a RCE vulnerability ...)
NOT-FOR-US: LSC Smart Connect Indoor IP Camera
CVE-2025-34458 (wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to ...)
- - direwolf <unfixed>
+ - direwolf <unfixed> (unimportant)
NOTE: https://github.com/wb2osz/direwolf/issues/618
NOTE: Fixed by: https://github.com/wb2osz/direwolf/commit/3658a878920803bbb69a4567579dcc4d6cb80a92 (dev)
+ NOTE: Crash in CLI tool, no security impact
CVE-2025-34457 (wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to ...)
- direwolf <unfixed>
+ [trixie] - direwolf <no-dsa> (Minor issue)
+ [bookworm] - direwolf <no-dsa> (Minor issue)
NOTE: https://github.com/wb2osz/direwolf/issues/617
NOTE: Fixed by: https://github.com/wb2osz/direwolf/commit/694c95485b21c1c22bc4682703771dec4d7a374b (dev)
CVE-2025-15034 (A security flaw has been discovered in itsourcecode Student Management ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60e3a153f434c20e0e250bba3ea6446434b9098e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60e3a153f434c20e0e250bba3ea6446434b9098e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251223/4635413b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list