[Git][security-tracker-team/security-tracker][master] Revert "Mark CVE-2025-9905/keras as not-affected for bullseye"
Sylvain Beucler (@beuc)
gitlab at salsa.debian.org
Wed Nov 12 05:17:29 GMT 2025
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c7cf0408 by Sylvain Beucler at 2025-11-12T06:16:10+01:00
Revert "Mark CVE-2025-9905/keras as not-affected for bullseye"
This reverts commit 22b58c786fa4a6248cefdd194ed0f400964dddc0.
Reverting as discussed with utkarsh as he couldn't come up readily
with elements on this triage. Conversely the Lambda feature is
available in that version.
Marking as <ignored> instead as the safe_mode mechanism is not
available yet, as with CVE-2025-12058.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17828,7 +17828,7 @@ CVE-2025-9906 (The Keras Model.load_modelmethod can be exploited to achieve arbi
NOTE: https://github.com/keras-team/keras/pull/21429
CVE-2025-9905 (The Keras Model.load_modelmethod can be exploited to achieve arbitrary ...)
- keras <removed>
- [bullseye] - keras <not-affected> (Vulnerable code introduced later)
+ [bullseye] - keras <ignored> (safe_mode introduced in v2.12, only use with trusted models)
NOTE: https://github.com/keras-team/keras/pull/21602
NOTE: https://github.com/keras-team/keras/security/advisories/GHSA-36rr-ww3j-vrjv
CVE-2025-9081 (Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to proper ...)
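Review bot: On the changed `[bullseye]` line, the `<ignored>` reason only says that safe_mode was introduced in v2.12; it does not record that the Lambda feature is present in the bullseye version, which is what the commit message gives as the reason the earlier `<not-affected> (Vulnerable code introduced later)` could not stand. Consider adding a NOTE line under CVE-2025-9905 stating that, plus a pointer to CVE-2025-12058, which the commit message says is treated the same way, so the triage rationale lives in data/CVE/list and not only in the commit log.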
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7cf04080c7a5556e4c4c00aa19d770cb3401103