[Git][security-tracker-team/security-tracker][master] Add two new clamav issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
430ea0ed by Salvatore Bonaccorso at 2025-06-18T22:43:15+02:00
Add two new clamav issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43,9 +43,13 @@ CVE-2025-23999 (Missing Authorization vulnerability in Cloudways Breeze allows E
 CVE-2025-20271 (A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX  ...)
 	NOT-FOR-US: Cisco
 CVE-2025-20260 (A vulnerability in the PDF scanning processes of ClamAV could allow an ...)
-	TODO: check
+	- clamav <unfixed>
+	[bookworm] - clamav <no-dsa> (clamav is being updated via -updates)
+	NOTE: https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html
 CVE-2025-20234 (A vulnerability in Universal Disk Format (UDF) processing of ClamAV co ...)
-	TODO: check
+	- clamav <unfixed>
+	[bookworm] - clamav <not-affected> (Vulnerable code introduced in 1.2.0)
+	NOTE: https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html
 CVE-2025-1349 (IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 thro ...)
 	NOT-FOR-US: IBM
 CVE-2025-1348 (IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 thro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/430ea0ed7b3883c4e6bc9f56b1fae8ecd372b9cc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/430ea0ed7b3883c4e6bc9f56b1fae8ecd372b9cc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250618/48251bab/attachment.htm>