[Git][security-tracker-team/security-tracker][master] 2 commits: Add new chromium issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Feb 19 22:09:50 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3a951256 by Salvatore Bonaccorso at 2025-02-19T23:08:41+01:00
Add new chromium issues

- - - - -
f74820cb by Salvatore Bonaccorso at 2025-02-19T23:09:33+01:00
Add chromium to dsa-needed list

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,7 +17,8 @@ CVE-2025-1465 (A vulnerability, which was classified as problematic, was found i
 CVE-2025-1464 (A vulnerability, which was classified as critical, has been found in B ...)
 	NOT-FOR-US: Baiyi Cloud Asset Management System
 CVE-2025-1426 (Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0 ...)
-	TODO: check
+	- chromium <unfixed>
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-1135 (A vulnerability exists in ChurchCRM5.13.0. and prior that allows an at ...)
 	NOT-FOR-US: ChurchCRM
 CVE-2025-1134 (A vulnerability exists in ChurchCRM5.13.0 and prior that allows an att ...)
@@ -33,9 +34,11 @@ CVE-2025-1024 (A vulnerability exists in ChurchCRM 5.13.0that allows an attacker
 CVE-2025-1007 (In OpenVSX version v0.9.0 to v0.20.0, the  /user/namespace/{namespace} ...)
 	TODO: check
 CVE-2025-1006 (Use after free in Network in Google Chrome prior to 133.0.6943.126 all ...)
-	TODO: check
+	- chromium <unfixed>
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-0999 (Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 al ...)
-	TODO: check
+	- chromium <unfixed>
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-0968 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-0916 (The YaySMTP and Email Logs: Amazon SES, SendGrid, Outlook, Mailgun, Br ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -11,6 +11,8 @@ To pick an issue, simply add your uid behind it.
 
 If needed, specify the release by adding a slash after the name of the source package.
 
+--
+chromium (dilinger)
 --
 fort-validator
   probably best to bump bookworm to current upstream



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/03f92f007ee529f891af0f685e62d9a6ce694c3f...f74820cbd2fc6892f8c91ec0aca64652d6c0e5f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/03f92f007ee529f891af0f685e62d9a6ce694c3f...f74820cbd2fc6892f8c91ec0aca64652d6c0e5f9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250219/194cd79a/attachment.htm>

More information about the debian-security-tracker-commits mailing list