[Git][security-tracker-team/security-tracker][master] trixie triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Jun 23 17:01:26 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f89ba600 by Moritz Muehlenhoff at 2025-06-23T18:01:12+02:00
trixie triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -108599,17 +108599,17 @@ CVE-2024-37848 (SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v
CVE-2024-37840 (SQL injection vulnerability in processscore.php in Itsourcecode Learni ...)
NOT-FOR-US: Itsourcecode Learning Management System Project In PHP With Source Code
CVE-2024-37795 (A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a ...)
- - cvc5 <unfixed> (bug #1074235)
- [bookworm] - cvc5 <ignored> (Minor issue)
- [bullseye] - cvc5 <no-dsa> (Minor issue)
+ - cvc5 <unfixed> (bug #1074235; unimportant)
NOTE: https://github.com/cvc5/cvc5/issues/10813
NOTE: https://github.com/cvc5/cvc5/pull/10818
+ NOTE: https://github.com/cvc5/cvc5/commit/3f1ed7bbaff5dfb7b32217ba3c11e9d9a697045b (cvc5-1.2.0)
+ NOTE: Negligible security impact
CVE-2024-37794 (Improper input validation in CVC5 Solver v1.1.3 allows attackers to ca ...)
- - cvc5 <unfixed> (bug #1074235)
- [bookworm] - cvc5 <ignored> (Minor issue)
- [bullseye] - cvc5 <no-dsa> (Minor issue)
+ - cvc5 <unfixed> (bug #1074235; unimportant)
NOTE: https://github.com/cvc5/cvc5/issues/10813
NOTE: https://github.com/cvc5/cvc5/pull/10945
+ NOTE: https://github.com/cvc5/cvc5/commit/a2c2f5e971916d947e9efa41e22036db8a0a7956 (cvc5-1.2.0)
+ NOTE: Negligible security impact
CVE-2024-37664 (Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attack ...)
NOT-FOR-US: Redmi router
CVE-2024-37663 (Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect messag ...)
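Review bot: on the two cvc5 entries (CVE-2024-37795 and CVE-2024-37794), the added NOTE lines tie the upstream fix commits to cvc5-1.2.0 while the package line stays `<unfixed>`. If the version in unstable is already at or past 1.2.0, record that version on the package line instead of `<unfixed>`. The "Negligible security impact" NOTE would also be easier to audit with the reason spelled out, since it replaces the earlier per-release `<ignored>` and `<no-dsa>` lines for bookworm and bullseye.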
@@ -139614,6 +139614,7 @@ CVE-2024-28715 (Cross Site Scripting vulnerability in DOraCMS v.2.18 and before
NOT-FOR-US: DOraCMS
CVE-2024-28584 (Null Pointer Dereference vulnerability in open source FreeImage v.3.19 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
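Review bot: the added `[trixie]` line for CVE-2024-28584 gives only "Revisit when fixed upstream", which is a follow-up condition and not a severity assessment. The `[buster]` line in the same entry carries the actual rationale ("low severity DoS in user interactive software"). Suggest carrying that rationale on the trixie line too, so the no-dsa decision can be understood without reading the older release lines.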
@@ -139621,18 +139622,21 @@ CVE-2024-28584 (Null Pointer Dereference vulnerability in open source FreeImage
NOTE: https://sourceforge.net/p/freeimage/bugs/385/
CVE-2024-28583 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
NOTE: https://sourceforge.net/p/freeimage/bugs/384/
CVE-2024-28582 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
NOTE: https://sourceforge.net/p/freeimage/bugs/383/
CVE-2024-28581 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
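Review bot: the `[trixie]` lines added for CVE-2024-28583, CVE-2024-28582 and CVE-2024-28581 reuse the reason applied to the NULL pointer dereference in CVE-2024-28584, although these three are described as buffer overflows and, in the lines visible here, have no release line stating a severity. If they were checked and judged to be crash-only as well, saying so in the reason or in a NOTE would make the no-dsa call reviewable. Otherwise they may need a separate look before being batched with the rest.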
@@ -139645,6 +139649,7 @@ CVE-2024-28580 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/381/
CVE-2024-28579 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139652,12 +139657,14 @@ CVE-2024-28579 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/380/
CVE-2024-28578 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
NOTE: https://sourceforge.net/p/freeimage/bugs/379/
CVE-2024-28577 (Null Pointer Dereference vulnerability in open source FreeImage v.3.19 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139665,6 +139672,7 @@ CVE-2024-28577 (Null Pointer Dereference vulnerability in open source FreeImage
NOTE: https://sourceforge.net/p/freeimage/bugs/378/
CVE-2024-28576 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139672,6 +139680,7 @@ CVE-2024-28576 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/377/
CVE-2024-28575 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139679,6 +139688,7 @@ CVE-2024-28575 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/376/
CVE-2024-28574 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139686,6 +139696,7 @@ CVE-2024-28574 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/375/
CVE-2024-28573 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139693,6 +139704,7 @@ CVE-2024-28573 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/374/
CVE-2024-28572 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139700,12 +139712,14 @@ CVE-2024-28572 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/373/
CVE-2024-28571 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
NOTE: https://sourceforge.net/p/freeimage/bugs/372/
CVE-2024-28570 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139713,12 +139727,14 @@ CVE-2024-28570 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/371/
CVE-2024-28569 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
NOTE: https://sourceforge.net/p/freeimage/bugs/370/
CVE-2024-28568 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139726,6 +139742,7 @@ CVE-2024-28568 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/369/
CVE-2024-28567 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139733,12 +139750,14 @@ CVE-2024-28567 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/368/
CVE-2024-28566 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
NOTE: https://sourceforge.net/p/freeimage/bugs/367/
CVE-2024-28565 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139746,6 +139765,7 @@ CVE-2024-28565 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/366/
CVE-2024-28564 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139753,6 +139773,7 @@ CVE-2024-28564 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/365/
CVE-2024-28563 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in user interactive software)
@@ -139760,6 +139781,7 @@ CVE-2024-28563 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
NOTE: https://sourceforge.net/p/freeimage/bugs/364/
CVE-2024-28562 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
+ [trixie] - freeimage <no-dsa> (Revisit when fixed upstream)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f89ba6009bfdae6d59b9b9efb6fc08e46a367f70