[Git][security-tracker-team/security-tracker][master] new chromium issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Mar 11 08:43:01 GMT 2025 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
384f5897 by Moritz Muehlenhoff at 2025-03-11T09:42:38+01:00
new chromium issues

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,11 +13,14 @@ CVE-2025-2173 (A vulnerability was found in libzvbi up to 0.2.43. It has been cl
 CVE-2025-2169 (The The WPCS \u2013 WordPress Currency Switcher Professional plugin fo ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-2137 (Out of bounds read in V8 in Google Chrome prior to 134.0.6998.88 allow ...)
-	TODO: check
+	- chromium <unfixed>
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-2136 (Use after free in Inspector in Google Chrome prior to 134.0.6998.88 al ...)
-	TODO: check
+	- chromium <unfixed>
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-2135 (Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a ...)
-	TODO: check
+	- chromium <unfixed>
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-27926 (In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designe ...)
 	TODO: check
 CVE-2025-27925 (Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization  ...)
@@ -85,7 +88,8 @@ CVE-2025-23188 (An authenticated user with low privileges can exploit a missing
 CVE-2025-23185 (Due to improper error handling in SAP Business Objects Business Intell ...)
 	NOT-FOR-US: SAP
 CVE-2025-1920 (Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a ...)
-	TODO: check
+	- chromium <unfixed>
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-1661 (The HUSKY \u2013 Products Filter Professional for WooCommerce plugin f ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1434 (The Spreadsheet view is vulnerable to a XSS attack, where a remote una ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -11,6 +11,8 @@ To pick an issue, simply add your uid behind it.
 
 If needed, specify the release by adding a slash after the name of the source package.
 
+--
+chromium (dilinger)
 --
 frr
   coordination with the maintainer ongoing, Daniel Baumann proposing an update



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/384f589712e2ab9d228ce0869d3962656c551b25

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/384f589712e2ab9d228ce0869d3962656c551b25
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250311/c06d6b85/attachment.htm>

More information about the debian-security-tracker-commits mailing list