[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-53367/djvulibre via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jul 4 16:09:00 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3bf142b7 by Salvatore Bonaccorso at 2025-07-04T17:08:09+02:00
Track fixed version for CVE-2025-53367/djvulibre via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -53,7 +53,7 @@ CVE-2025-49005 (Next.js is a React framework for building full-stack web applica
CVE-2024-11937 (The Premium Addons for Elementor plugin for WordPress is vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2025-53367 (DjVuLibre is a GPL implementation of DjVu, a web-centric format for di ...)
- - djvulibre <unfixed> (bug #1108729)
+ - djvulibre 3.5.28-2.1 (bug #1108729)
NOTE: https://www.openwall.com/lists/oss-security/2025/07/03/1
NOTE: Fixed by: https://sourceforge.net/p/djvu/djvulibre-git/ci/33f645196593d70bd5e37f55b63886c31c82c3da/
CVE-2025-6587 (System environment variables are recorded in Docker Desktop diagnostic ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3bf142b769b6419df05c144e77c565706cfee302
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3bf142b769b6419df05c144e77c565706cfee302
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250704/b886dc7a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list