[Git][security-tracker-team/security-tracker][master] Add CVE-2025-13097/chromium and list it for DSA-5914-1 release

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Nov 16 13:45:53 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2d4c78ed by Salvatore Bonaccorso at 2025-11-16T14:45:19+01:00
Add CVE-2025-13097/chromium and list it for DSA-5914-1 release

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -326,7 +326,8 @@ CVE-2025-13107 (Inappropriate implementation in Compositing in Google Chrome pri
 CVE-2025-13102 (Inappropriate implementation in WebApp Installs in Google Chrome on An ...)
 	- chromium <not-affected> (Only affects Google Chrome on Android)
 CVE-2025-13097 (Inappropriate implementation in DevTools in Google Chrome prior to 136 ...)
-	TODO: check
+	- chromium 136.0.7103.59-2
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-12904 (The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Sto ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-11776 (Mattermost versions <11 fail to properly restrict access to archived c ...)


=====================================
data/DSA/list
=====================================
@@ -498,7 +498,7 @@
 	{CVE-2025-29769}
 	[bookworm] - vips 8.14.1-3+deb12u2
 [01 May 2025] DSA-5914-1 chromium - security update
-	{CVE-2025-4050 CVE-2025-4051 CVE-2025-4052 CVE-2025-4096}
+	{CVE-2025-4050 CVE-2025-4051 CVE-2025-4052 CVE-2025-4096 CVE-2025-13097}
 	[bookworm] - chromium 136.0.7103.59-2~deb12u2
 [01 May 2025] DSA-5913-1 openjdk-17 - security update
 	{CVE-2025-21587 CVE-2025-30691 CVE-2025-30698}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d4c78ed2dbfe64829317b3e284465fda3f35872

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d4c78ed2dbfe64829317b3e284465fda3f35872
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251116/2a78d2b6/attachment.htm>

More information about the debian-security-tracker-commits mailing list