[Git][security-tracker-team/security-tracker][master] Backfill some Google Chrome issues

Fri Nov 14 10:13:14 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cacf976b by Salvatore Bonaccorso at 2025-11-14T11:12:40+01:00
Backfill some Google Chrome issues

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -70,19 +70,21 @@ CVE-2025-11776 (Mattermost versions <11 fail to properly restrict access to arch
 CVE-2025-10686 (The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulner ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-9126 (Use after free in Internals in Google Chrome on iOS prior to 127.0.653 ...)
-	TODO: check
+	- chromium <not-affected> (Only affects Google Chrome on iOS)
 CVE-2024-7021 (Inappropriate implementation in Autofill in Google Chrome on Windows p ...)
-	TODO: check
+	- chromium <not-affected> (Only affects Google Chrome on Windows)
 CVE-2024-7017 (Inappropriate implementation in DevTools in Google Chrome prior to 126 ...)
-	TODO: check
+	- chromium 126.0.6478.182-1
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-13983 (Inappropriate implementation in Lens in Google Chrome on iOS prior to  ...)
-	TODO: check
+	- chromium <not-affected> (Only affects Google Chrome on iOS)
 CVE-2024-13178 (Inappropriate implementation in Fullscreen in Google Chrome prior to 1 ...)
-	TODO: check
+	- chromium 128.0.6613.84-1
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-11920 (Inappropriate implementation in Dawn in Google Chrome on Mac prior to  ...)
-	TODO: check
+	- chromium <not-affected> (Only affects Google Chrome on Mac)
 CVE-2024-11919 (Inappropriate implementation in Intents in Google Chrome on Android pr ...)
-	TODO: check
+	- chromium <not-affected> (Only affects Google Chrome on Android)
 CVE-2025-8397 (The Save as PDF Button plugin for WordPress is vulnerable to Stored Cr ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7704 (Supermicro BMC  Insyde SMASH shell program has a stacked-based overflo ...)


=====================================
data/DSA/list
=====================================
@@ -968,7 +968,7 @@
 	{CVE-2023-38522 CVE-2024-35161 CVE-2024-35296}
 	[bookworm] - trafficserver 9.2.5+ds-0+deb12u1
 [23 Aug 2024] DSA-5757-1 chromium - security update
-	{CVE-2024-7964 CVE-2024-7965 CVE-2024-7966 CVE-2024-7967 CVE-2024-7968 CVE-2024-7971 CVE-2024-7972 CVE-2024-7973 CVE-2024-7974 CVE-2024-7975 CVE-2024-7976 CVE-2024-7977 CVE-2024-7978 CVE-2024-7979 CVE-2024-7980 CVE-2024-7981 CVE-2024-8033 CVE-2024-8034 CVE-2024-8035}
+	{CVE-2024-7964 CVE-2024-7965 CVE-2024-7966 CVE-2024-7967 CVE-2024-7968 CVE-2024-7971 CVE-2024-7972 CVE-2024-7973 CVE-2024-7974 CVE-2024-7975 CVE-2024-7976 CVE-2024-7977 CVE-2024-7978 CVE-2024-7979 CVE-2024-7980 CVE-2024-7981 CVE-2024-8033 CVE-2024-8034 CVE-2024-8035 CVE-2024-13178}
 	[bookworm] - chromium 128.0.6613.84-1~deb12u1
 [21 Aug 2024] DSA-5756-1 nova - security update
 	{CVE-2024-32498}
@@ -1055,7 +1055,7 @@
 	[bullseye] - thunderbird 1:115.13.0-1~deb11u1
 	[bookworm] - thunderbird 1:115.13.0-1~deb12u1
 [18 Jul 2024] DSA-5732-1 chromium - security update
-	{CVE-2024-6772 CVE-2024-6773 CVE-2024-6774 CVE-2024-6775 CVE-2024-6776 CVE-2024-6777 CVE-2024-6778 CVE-2024-6779}
+	{CVE-2024-6772 CVE-2024-6773 CVE-2024-6774 CVE-2024-6775 CVE-2024-6776 CVE-2024-6777 CVE-2024-6778 CVE-2024-6779 CVE-2024-7017}
 	[bookworm] - chromium 126.0.6478.182-1~deb12u1
 [16 Jul 2024] DSA-5731-1 linux - security update
 	{CVE-2024-25741 CVE-2024-27397 CVE-2024-36894 CVE-2024-36973 CVE-2024-36978 CVE-2024-37078 CVE-2024-38619 CVE-2024-39298 CVE-2024-39371 CVE-2024-39469 CVE-2024-39474 CVE-2024-39484 CVE-2024-39487 CVE-2024-39494 CVE-2024-39495 CVE-2024-39496 CVE-2024-39499 CVE-2024-39500 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506 CVE-2024-39507 CVE-2024-39509 CVE-2024-39510 CVE-2024-40899 CVE-2024-40900 CVE-2024-40901 CVE-2024-40902 CVE-2024-40903 CVE-2024-40904 CVE-2024-40905 CVE-2024-40906 CVE-2024-40908 CVE-2024-40910 CVE-2024-40911 CVE-2024-40912 CVE-2024-40913 CVE-2024-40914 CVE-2024-40915 CVE-2024-40916 CVE-2024-40919 CVE-2024-40920 CVE-2024-40921 CVE-2024-40924 CVE-2024-40927 CVE-2024-40929 CVE-2024-40931 CVE-2024-40932 CVE-2024-40934 CVE-2024-40935 CVE-2024-40937 CVE-2024-40938 CVE-2024-40939 CVE-2024-40940 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40947 CVE-2024-40948 CVE-2024-40953 CVE-2024-40954 CVE-2024-40956 CVE-2024-40957 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40966 CVE-2024-40967 CVE-2024-40968 CVE-2024-40970 CVE-2024-40971 CVE-2024-40974 CVE-2024-40976 CVE-2024-40977 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40983 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40989 CVE-2024-40990 CVE-2024-40993 CVE-2024-40994 CVE-2024-40995 CVE-2024-40996 CVE-2024-41000 CVE-2024-41001 CVE-2024-41002 CVE-2024-41004 CVE-2024-41005 CVE-2024-41006}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cacf976b26a3fe5ddb48076e1fff56478c63d73d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cacf976b26a3fe5ddb48076e1fff56478c63d73d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251114/dae1a7fc/attachment-0001.htm>
