[Git][security-tracker-team/security-tracker][master] Fix my wrong addition of libfcgi issue

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jan 11 13:59:02 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af38faae by Salvatore Bonaccorso at 2025-01-11T14:58:50+01:00
Fix my wrong addition of libfcgi issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -243,15 +243,15 @@ CVE-2025-23109 (Long hostnames in URLs could be leveraged to obscure the actual
 CVE-2025-23108 (Opening Javascript links in a new tab via long-press in the Firefox iO ...)
 	- firefox <not-affected> (Specific to Firefox on iOS)
 CVE-2025-23079 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	- libfcgi <unfixed>
-	NOTE: https://github.com/FastCGI-Archives/fcgi2/issues/67
+	TODO: check
 CVE-2025-23078 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	TODO: check
 CVE-2025-23022 (FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2i ...)
 	NOTE: Bogus fuzzing report for a seven year old copy of FreeType
 	NOTE: https://gitlab.freedesktop.org/freetype/freetype/-/issues/1312
 CVE-2025-23016 (FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (an ...)
-	TODO: check
+	- libfcgi <unfixed>
+	NOTE: https://github.com/FastCGI-Archives/fcgi2/issues/67
 CVE-2025-22949 (Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injectio ...)
 	NOT-FOR-US: Tenda
 CVE-2025-22946 (Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnera ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af38faaed9eded17307409f144c6a7ff8d95bcdb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af38faaed9eded17307409f144c6a7ff8d95bcdb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250111/bcd230c9/attachment.htm>

More information about the debian-security-tracker-commits mailing list