[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE of gpac as EOL

Thorsten Alteholz (@alteholz) alteholz at debian.org
Sun Mar 2 12:58:56 GMT 2025 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9d2e0b22 by Thorsten Alteholz at 2025-03-02T13:52:57+01:00
mark CVE of gpac as EOL

- - - - -
f1199342 by Thorsten Alteholz at 2025-03-02T13:54:52+01:00
mark CVE-2022-37660 as postponed for Bullseye

- - - - -
91a5cbe7 by Thorsten Alteholz at 2025-03-02T13:58:36+01:00
mark CVE-2025-25184 as postponed for Bullseye

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -60,6 +60,7 @@ CVE-2025-27410 (PwnDoc is a penetration test reporting application. Prior to ver
 	NOT-FOR-US: PwnDoc
 CVE-2025-25723 (Buffer Overflow vulnerability in GPAC version 2.5 allows a local attac ...)
 	- gpac <removed>
+	[bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 	NOTE: https://github.com/gpac/gpac/issues/3089
 CVE-2025-25478 (The account file upload functionality in Syspass 3.2.x fails to proper ...)
 	NOT-FOR-US: Syspass
@@ -7122,6 +7123,7 @@ CVE-2025-25198 (mailcow: dockerized is an open source groupware/email suite base
 	NOT-FOR-US: mailcow
 CVE-2025-25184 (Rack provides an interface for developing web applications in Ruby. Pr ...)
 	- ruby-rack <unfixed> (bug #1098257)
+	[bullseye] - ruby-rack <postponed> (Minor issue)
 	NOTE: https://github.com/rack/rack/security/advisories/GHSA-7g2v-jj9q-g3rg
 	NOTE: https://github.com/rack/rack/commit/074ae244430cda05c27ca91cda699709cfb3ad8e
 CVE-2025-25182 (Stroom is a data processing, storage and analysis platform. A vulnerab ...)
@@ -218857,6 +218859,7 @@ CVE-2022-37661 (SmartRG SR506n 2.5.15 and SR510n 2.6.13 routers are vulnerable t
 CVE-2022-37660 (In hostapd 2.10 and earlier, the PKEX code remains active even after a ...)
 	- wpa <unfixed>
 	[bookworm] - wpa <no-dsa> (Minor issue)
+	[bullseye] - wpa <postponed> (Minor issue)
 	NOTE: https://link.springer.com/article/10.1007/s10207-025-00988-3
 	NOTE: Fixed by: https://w1.fi/cgit/hostap/commit/?id=15af83cf1846870873a011ed4d714732f01cd2e4 (hostap_2_11)
 CVE-2022-37659



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/596aae949684bc829a62ffcac5df1482c2a113d5...91a5cbe72f5f38d206c45b957c9417c5e9370265

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/596aae949684bc829a62ffcac5df1482c2a113d5...91a5cbe72f5f38d206c45b957c9417c5e9370265
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250302/ce9ba57e/attachment.htm>

More information about the debian-security-tracker-commits mailing list