[Git][security-tracker-team/security-tracker][master] CVE-2025-48385/openexr: mark bullseye as not-affected
Paride Legovini (@paride)
paride at debian.org
Sun Nov 23 16:17:06 GMT 2025
Paride Legovini pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0804530f by Paride Legovini at 2025-11-23T17:15:25+01:00
CVE-2025-48385/openexr: mark bullseye as not-affected
Vulnerable code is in the OpenEXRCore component, which got introduced in
version 3.1.0.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3650,6 +3650,7 @@ CVE-2025-64181 (OpenEXR provides the specification and reference implementation
- openexr <unfixed> (bug #1120700)
[trixie] - openexr <no-dsa> (Minor issue)
[bookworm] - openexr <no-dsa> (Minor issue)
+ [bullseye] - openexr <not-affected> (Vulnerable code not present)
NOTE: https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-3h9h-qfvw-98hq
NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/72aa3e78acfb99eacae8bfae8bf4e4831634db11
CVE-2025-64167 (Combodo iTop is a web based IT service management tool. Versions prior ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0804530f80bef99040d8a37471668eb02a77e893
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0804530f80bef99040d8a37471668eb02a77e893
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251123/05de9e85/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list