[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2025-54314 as postponed for Bullseye

Thorsten Alteholz (@alteholz) alteholz at debian.org
Sat Jul 26 23:48:33 BST 2025 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2f54e042 by Thorsten Alteholz at 2025-07-27T00:34:20+02:00
mark CVE-2025-54314 as postponed for Bullseye

- - - - -
395dc6d4 by Thorsten Alteholz at 2025-07-27T00:47:16+02:00
mark CVE of krusader as postponed for Bullseye

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2091,6 +2091,7 @@ CVE-2025-7854 (A vulnerability classified as critical has been found in Tenda FH
 	NOT-FOR-US: Tenda
 CVE-2025-54314 (Thor before 1.4.0 can construct an unsafe shell command from library i ...)
 	- ruby-thor <unfixed> (bug #1109679)
+	[bullseye] - ruby-thor <postponed> (Minor issue)
 	NOTE: https://hackerone.com/reports/3260153
 	NOTE: https://github.com/rails/thor/pull/897
 	NOTE: Fixed by: https://github.com/rails/thor/commit/f7418232b167cbb5c8071b7d0491aef82948feff (v1.4.0)
@@ -2099,6 +2100,7 @@ CVE-2025-53770 (Deserialization of untrusted data in on-premises Microsoft Share
 	NOT-FOR-US: Microsoft
 CVE-2025-XXXX [exposes .zip passwords while (un)archiving]
 	- krusader <unfixed> (bug #1108942)
+	[bullseye] - krusader <postponed> (Minor issue)
 CVE-2025-7853 (A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as ...)
 	NOT-FOR-US: Tenda
 CVE-2025-7840 (A vulnerability was found in Campcodes Online Movie Theater Seat Reser ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/22780b1f8ecd56e351a32dc254ac8fcbd1b707ac...395dc6d46b49c52f45795c626249eb279ac6df0e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/22780b1f8ecd56e351a32dc254ac8fcbd1b707ac...395dc6d46b49c52f45795c626249eb279ac6df0e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250726/7df21baf/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list