[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2025-6965/bullseye: follow bookworm
Sylvain Beucler (@beuc)
gitlab at salsa.debian.org
Fri Jul 18 11:02:09 BST 2025
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c89e5086 by Sylvain Beucler at 2025-07-18T11:42:58+02:00
CVE-2025-6965/bullseye: follow bookworm
- - - - -
34c373c2 by Sylvain Beucler at 2025-07-18T12:01:28+02:00
lts-cve-triage: clarify base URL choice for links
This also unifies links display accross reports (notably 'from_elts').
See also:
https://salsa.debian.org/security-tracker-team/security-tracker/-/merge_requests/222#note_628613
- - - - -
2 changed files:
- bin/lts-cve-triage.py
- data/CVE/list
Changes:
=====================================
bin/lts-cve-triage.py
=====================================
@@ -60,7 +60,10 @@ except ImportError:
file=sys.stderr)
-TRACKER_URL = 'https://deb.freexian.com/extended-lts/tracker/'
+# Display links to ELTS' tracker URL which has more dists,
+# to easily compare prev_lts/lts/next_lts:
+#TRACKER_LINK_URL = 'https://security-tracker.debian.org/tracker/'
+TRACKER_LINK_URL = 'https://deb.freexian.com/extended-lts/tracker/'
LIST_NAMES = (
('triage_end_of_life',
@@ -229,7 +232,7 @@ for key, desc in LIST_NAMES:
formatstring = '\n* {:<35s} {}'
print(formatstring.format(
colored(pkg, 'red', attrs=('bold', 'underline')),
- colored('{}source-package/{}'.format(TRACKER_URL, pkg), 'blue'),
+ colored('{}source-package/{}'.format(TRACKER_LINK_URL, pkg), 'blue'),
))
nb_issues = 0
for x in sorted(lists[key][pkg], key=lambda x: x.name):
@@ -238,7 +241,7 @@ for key, desc in LIST_NAMES:
if nb_issues > 10:
print(' - ...')
break
- url = '{}{}'.format(TRACKER_URL, x.name)
+ url = '{}{}'.format(TRACKER_LINK_URL, x.name)
print(' - {:<16s} {} {}'.format(
x.name,
colored(url, 'blue'),
=====================================
data/CVE/list
=====================================
@@ -721,6 +721,7 @@ CVE-2025-6971 (Use After Free vulnerability exists in the CATPRODUCT file readin
CVE-2025-6965 (There exists a vulnerability in SQLite versions before 3.50.2 where th ...)
- sqlite3 <unfixed> (bug #1109379)
[bookworm] - sqlite3 <no-dsa> (Minor issue)
+ [bullseye] - sqlite3 <postponed> (Minor issue)
NOTE: https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8
CVE-2025-6558 (Insufficient validation of untrusted input in ANGLE and GPU in Google ...)
{DSA-5963-1}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6a56b76cad5a57d0cb02eed36631927f426c0b22...34c373c278b3c56d001b58b835f57a938f41ad5e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6a56b76cad5a57d0cb02eed36631927f426c0b22...34c373c278b3c56d001b58b835f57a938f41ad5e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250718/f13eaa69/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list