[Git][security-tracker-team/security-tracker][master] 3 commits: Process one NFU

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 28 15:47:25 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab499832 by Salvatore Bonaccorso at 2025-07-28T16:47:12+02:00
Process one NFU

- - - - -
eca1b75f by Salvatore Bonaccorso at 2025-07-28T16:47:13+02:00
Add CVE-2025-8263/node-prettier, itp'ed

- - - - -
a7d1a87c by Salvatore Bonaccorso at 2025-07-28T16:47:13+02:00
Add CVE-2025-8262/node-yarnpkg

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2,11 +2,12 @@ CVE-2025-38468 [net/sched: Return NULL when htb_lookup_leaf encounters an empty
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/0e1d5d9b5c5966e2e42e298670808590db5ed628 (6.16-rc7)
 CVE-2025-8267 (Versions of the package ssrfcheck before 1.2.0 are vulnerable to Serve ...)
-	TODO: check
+	NOT-FOR-US: ssrfcheck
 CVE-2025-8263 (A vulnerability was found in prettier up to 3.6.2. It has been declare ...)
-	TODO: check
+	- node-prettier <itp> (bug #879665)
 CVE-2025-8262 (A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been c ...)
-	TODO: check
+	- node-yarnpkg <unfixed>
+	NOTE: https://github.com/yarnpkg/yarn/pull/9199
 CVE-2025-8261 (A vulnerability was found in Vaelsys 4.1.0 and classified as critical. ...)
 	NOT-FOR-US: Vaelsys
 CVE-2025-8260 (A vulnerability has been found in Vaelsys 4.1.0 and classified as prob ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/025a4677d9a09a71359e6d3c67b5dda76fd030e3...a7d1a87c8477c0b909061a6ecd13d1dd58f3f83a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/025a4677d9a09a71359e6d3c67b5dda76fd030e3...a7d1a87c8477c0b909061a6ecd13d1dd58f3f83a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250728/45900b56/attachment.htm>

More information about the debian-security-tracker-commits mailing list