[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend rule for Trellix

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jun 27 08:45:06 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eb12697f by Moritz Muehlenhoff at 2025-06-27T09:44:39+02:00
auto-nfu: Extend rule for Trellix

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -112,11 +112,11 @@ CVE-2025-48921 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal Open S
 CVE-2025-44141 (A Cross-Site Scripting (XSS) vulnerability exists in the node creation ...)
 	NOT-FOR-US: Backdrop CMS
 CVE-2025-3773 (A sensitive  information exposure vulnerability in System Information  ...)
-	TODO: check
+	NOT-FOR-US: Trellix
 CVE-2025-3771 (A path or symbolic link manipulation vulnerability in SIR 1.0.3 and pr ...)
-	TODO: check
+	NOT-FOR-US: Trellix
 CVE-2025-3722 (A path traversal vulnerability in System Information Reporter (SIR) 1. ...)
-	TODO: check
+	NOT-FOR-US: Trellix
 CVE-2025-36034 (IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information S ...)
 	NOT-FOR-US: IBM
 CVE-2025-34049 (An OS command injection vulnerability exists in the OptiLink ONT1GEW G ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -375,6 +375,7 @@
     - cna: trellix
     - anyOf:
       - product: Trellix HX Console
+      - product: System Information Reporter
 # Description based rules
 - reason: Argo CD
   description: '.*\b(?i:Argo CD)\b.*'



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb12697fb53f92cedaa9e753d8c4f50b5e871dd5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb12697fb53f92cedaa9e753d8c4f50b5e871dd5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250627/12bcffdc/attachment.htm>

More information about the debian-security-tracker-commits mailing list