[Git][security-tracker-team/security-tracker][master] bookworm/trixie triage

Sun Nov 9 11:42:53 GMT 2025


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8aa34ce6 by Moritz Muehlenhoff at 2025-11-09T12:41:32+01:00
bookworm/trixie triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -5881,6 +5881,8 @@ CVE-2025-60772 (Improper authentication in the web-based management interface of
 CVE-2025-60751 (GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS:: ...)
 	{DLA-4361-1}
 	- geographiclib 2.5.2-1
+	[trixie] - geographiclib <no-dsa> (Minor issue)
+	[bookworm] - geographiclib <no-dsa> (Minor issue)
 	NOTE: https://github.com/geographiclib/geographiclib/issues/43
 	NOTE: https://github.com/zer0matt/CVE-2025-60751
 	NOTE: https://github.com/geographiclib/geographiclib/commit/aec521dff5ec0757cdefa018b152fffcfbca3eac (v2.5.2)
@@ -10776,6 +10778,8 @@ CVE-2025-61687 (Flowise is a drag & drop user interface to build a customized la
 	NOT-FOR-US: Flowise
 CVE-2025-61224 (Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian' ...)
 	- dokuwiki <unfixed> (bug #1117531)
+	[trixie] - dokuwiki <no-dsa> (Minor issue)
+	[bookworm] - dokuwiki <no-dsa> (Minor issue)
 	NOTE: https://github.com/dokuwiki/dokuwiki/issues/4512
 	NOTE: Fixed by: https://github.com/dokuwiki/dokuwiki/commit/84f2d3156dbe7e95e360366199807c520b866e4f (release-2025-05-14b)
 CVE-2025-61198 (A stored cross-site scripting (XSS) vulnerability in Optimod 5950 - Op ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -15,6 +15,8 @@ If needed, specify the release by adding a slash after the name of the source pa
 amd64-microcode (carnil)
   Coordinating with maintainer DSA/bookworm-pu and sync with mitgations in src:linux
 --
+calibre
+--
 cpp-httplib
   Maintainer preparing updates, waiting for feedback on bookworm status
 --
@@ -24,6 +26,8 @@ frr/oldstable
 gh/oldstable
   Santiago Vila might work on preparing an update
 --
+git-lfs
+--
 jackson-core
 --
 lasso (carnil)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8aa34ce6c33d055b0d75c15dc72672dc662fafe2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8aa34ce6c33d055b0d75c15dc72672dc662fafe2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251109/507dcc7d/attachment-0001.htm>
