[Git][security-tracker-team/security-tracker][master] Process two NFUs

Sat Jun 14 13:46:24 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fbd375a3 by Salvatore Bonaccorso at 2025-06-14T14:45:58+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2025-50143
 CVE-2025-50142
 	REJECTED
 CVE-2025-49598 (conda-forge-ci-setup is a package installed by conda-forge each time a ...)
-	TODO: check
+	NOT-FOR-US: conda-forge-ci-setup
 CVE-2025-49596 (The MCP inspector is a developer tool for testing and debugging MCP se ...)
 	NOT-FOR-US: MCP inspector
 CVE-2025-3234 (The File Manager Pro \u2013 Filester plugin for WordPress is vulnerabl ...)
@@ -1369,7 +1369,8 @@ CVE-2025-30145 (GeoServer is an open source server that allows users to share an
 CVE-2025-2918 (The Ultimate Blocks \u2013 WordPress Blocks Plugin plugin for WordPres ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-2884 (TCG TPM2.0 Reference implementation's CryptHmacSign helper function is ...)
-	TODO: check
+	NOT-FOR-US: TCG TPM2.0 Reference implementation
+	NOTE: The corresponding libtpms specific CVE is CVE-2025-49133.
 CVE-2025-2474 (Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7. ...)
 	NOT-FOR-US: Blackberry
 CVE-2025-29828 (Missing release of memory after effective lifetime in Windows Cryptogr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbd375a3065fa57f142625715823e44e78eedaf3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbd375a3065fa57f142625715823e44e78eedaf3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250614/bedeba2a/attachment.htm>
