[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2025-13033 as no-dsa for trixie and bookworm

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 15 13:04:05 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e333449b by Salvatore Bonaccorso at 2025-11-15T14:02:58+01:00
Mark CVE-2025-13033 as no-dsa for trixie and bookworm

- - - - -
02a1ffdc by Salvatore Bonaccorso at 2025-11-15T14:03:44+01:00
Track proposed node-nodemailer update via trixie-pu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -170,6 +170,8 @@ CVE-2025-13168 (A weakness has been identified in ury-erp ury up to 0.2.0. This
 	NOT-FOR-US: ury-erp ury
 CVE-2025-13033 (A vulnerability was identified in the email parsing library due to imp ...)
 	- node-nodemailer 7.0.9+~7.0.2-1
+	[trixie] - node-nodemailer <no-dsa> (Minor issue)
+	[bookworm] - node-nodemailer <no-dsa> (Minor issue)
 	NOTE: https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87
 	NOTE: Fixed by: https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626 (v7.0.7)
 CVE-2025-12897


=====================================
data/next-point-update.txt
=====================================
@@ -12,3 +12,5 @@ CVE-2025-64500
 	[trixie] - symfony 6.4.21+dfsg-2+deb13u1
 CVE-2025-54119
 	[trixie] - libphp-adodb 5.22.9-0.1+deb13u1
+CVE-2025-13033
+	[trixie] - node-nodemailer 6.10.0+~6.4.17-1+deb13u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/903f518e106e323b8a6859fea0c5c3226a532f65...02a1ffdcb4da5938fc1eddf11e7c56e335367765

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/903f518e106e323b8a6859fea0c5c3226a532f65...02a1ffdcb4da5938fc1eddf11e7c56e335367765
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251115/595025f6/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list