[Git][security-tracker-team/security-tracker][master] bookworm triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jan 15 09:06:16 GMT 2025



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
09d2782b by Moritz Muehlenhoff at 2025-01-15T10:05:54+01:00
bookworm triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -958,7 +958,8 @@ CVE-2025-22613 (WeGIA is an open source web manager with a focus on the Portugue
 CVE-2025-22138 (@codidact/qpixel is a Q&A-based community knowledge-sharing software.  ...)
 	NOT-FOR-US: @codidact/qpixel
 CVE-2025-22134 (When switching to other buffers using the :all command and visual mode ...)
-	- vim <unfixed>
+	- vim <unfixed> (unimportant)
+	NOTE: Crash in CLI tool, no security impact
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-5rgf-26wj-48v8
 	NOTE: Fixed by: https://github.com/vim/vim/commit/c9a1e257f1630a0866447e53a564f7ff96a80ead (v9.1.1003)
 CVE-2025-0070 (SAP NetWeaver Application Server for ABAP and ABAP Platform allows an  ...)
@@ -1735,11 +1736,13 @@ CVE-2024-5872 (On affected platforms running Arista EOS, a specially crafted pac
 	NOT-FOR-US: Arista EOS
 CVE-2024-57823 (In Raptor RDF Syntax Library through 2.0.16, there is an integer under ...)
 	- raptor2 <unfixed> (bug #1067896)
+	[bookworm] - raptor2 <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - raptor2 <postponed> (Minor issue, revisit when fixed upstream)
 	NOTE: https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md
 	NOTE: https://github.com/dajobe/raptor/issues/70
 CVE-2024-57822 (In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buf ...)
 	- raptor2 <unfixed> (bug #1067896)
+	[bookworm] - raptor2 <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - raptor2 <postponed> (Minor issue, revisit when fixed upstream)
 	NOTE: https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md
 	NOTE: https://github.com/dajobe/raptor/issues/70



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09d2782b224f8c90f34502e33304371b0463d8ed

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09d2782b224f8c90f34502e33304371b0463d8ed
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250115/b700a6e2/attachment.htm>


More information about the debian-security-tracker-commits mailing list