[Git][security-tracker-team/security-tracker][master] Track fixed version for python-signxml issues fixed via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 12 05:00:32 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
817c37c7 by Salvatore Bonaccorso at 2025-06-12T05:59:50+02:00
Track fixed version for python-signxml issues fixed via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3236,11 +3236,11 @@ CVE-2025-49069 (Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consu
 CVE-2025-48996 (HAX open-apis provides microservice apis for HAX webcomponents repo th ...)
 	NOT-FOR-US: HAX open-apis
 CVE-2025-48995 (SignXML is an implementation of the W3C XML Signature standard in Pyth ...)
-	- python-signxml <unfixed> (bug #1107195)
+	- python-signxml 4.0.5+dfsg-1 (bug #1107195)
 	NOTE: https://github.com/XML-Security/signxml/security/advisories/GHSA-gmhf-gg8w-jw42
 	NOTE: Fixed by: https://github.com/XML-Security/signxml/commit/1b501faaacf34cf978a52dbc6915ec11e27611cd (v4.0.4)
 CVE-2025-48994 (SignXML is an implementation of the W3C XML Signature standard in Pyth ...)
-	- python-signxml <unfixed> (bug #1107195)
+	- python-signxml 4.0.5+dfsg-1 (bug #1107195)
 	NOTE: https://github.com/XML-Security/signxml/security/advisories/GHSA-6vx8-pcwv-xhf4
 	NOTE: Fixed by: https://github.com/XML-Security/signxml/commit/e3c0c2b82a3329a65d917830657649c98b8c7600 (v4.0.4)
 CVE-2025-48990 (NeKernal is a free and open-source operating system stack. Version 0.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/817c37c7eb74b125d8b8877bc8b9a32a327c63aa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/817c37c7eb74b125d8b8877bc8b9a32a327c63aa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250612/3cc75e1f/attachment.htm>

More information about the debian-security-tracker-commits mailing list