[Git][security-tracker-team/security-tracker][master] CVE-2025-30346 was already included as well in DSA-5918-1
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 15 21:52:26 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e364d46e by Salvatore Bonaccorso at 2025-05-15T22:51:04+02:00
CVE-2025-30346 was already included as well in DSA-5918-1
As the version was preivously accepted in bookworm-pu but not officially
released in stable, move the CVE and fixed version to the DSA along
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -18922,7 +18922,6 @@ CVE-2025-30347 (Varnish Enterprise before 6.0.13r13 allows remote attackers to o
CVE-2025-30346 (Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 all ...)
{DLA-4101-1}
- varnish 7.7.0-1
- [bookworm] - varnish <no-dsa> (Minor issue)
NOTE: https://varnish-cache.org/security/VSV00015.html
NOTE: https://github.com/varnishcache/varnish-cache/commit/8ef69a03b36aeac5f364c01eb20f821860e47f14 (varnish-7.7.0)
NOTE: https://github.com/varnishcache/varnish-cache/commit/a9640a13276048815cc51a12cda2603f4d4444e4 (varnish-7.6.2)
=====================================
data/DSA/list
=====================================
@@ -5,7 +5,7 @@
{CVE-2025-22247}
[bookworm] - open-vm-tools 2:12.2.0-1+deb12u3
[13 May 2025] DSA-5918-1 varnish - security update
- {CVE-2025-47905}
+ {CVE-2025-30346 CVE-2025-47905}
[bookworm] - varnish 7.1.1-2+deb12u1
[08 May 2025] DSA-5917-1 libapache2-mod-auth-openidc - security update
{CVE-2025-3891}
=====================================
data/next-point-update.txt
=====================================
@@ -96,8 +96,6 @@ CVE-2025-1860
[bookworm] - libdata-entropy-perl 0.007-4+deb12u1
CVE-2025-30673
[bookworm] - libsub-handlesvia-perl 0.050000-1+deb12u1
-CVE-2025-30346
- [bookworm] - varnish 7.1.1-1.1+deb12u1
CVE-2025-0838
[bookworm] - abseil 20220623.1-1+deb12u1
CVE-2023-4641
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e364d46ec754e73b5ca7ffd5811302f063d02b38
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e364d46ec754e73b5ca7ffd5811302f063d02b38
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250515/99dd2357/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list