[Git][security-tracker-team/security-tracker][master] Reccord as fixed version in temporary entries for tryton-server

Sat Nov 29 12:37:57 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7a27cd7b by Salvatore Bonaccorso at 2025-11-29T13:27:16+01:00
Reccord as fixed version in temporary entries for tryton-server

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1173,12 +1173,14 @@ CVE-2025-XXXX [Export data does not enforce access rights]
 	- tryton-server 7.0.40-1 (bug #1121243)
 	[trixie] - tryton-server 7.0.30-1+deb13u1
 	[bookworm] - tryton-server 6.0.29-2+deb12u4
+	[bullseye] - tryton-server 5.0.33-2+deb11u4
 	NOTE: https://discuss.tryton.org/t/security-release-for-issue-14366/8953
 	NOTE: https://foss.heptapod.net/tryton/tryton/-/issues/14366
 CVE-2025-XXXX [IDOR / Access Control Issue - Unauthorized Access to User Signatures]
 	- tryton-server 7.0.40-1 (bug #1121241)
 	[trixie] - tryton-server 7.0.30-1+deb13u1
 	[bookworm] - tryton-server 6.0.29-2+deb12u4
+	[bullseye] - tryton-server 5.0.33-2+deb11u4
 	NOTE: https://discuss.tryton.org/t/security-release-for-issue-14364/8952
 	NOTE: https://foss.heptapod.net/tryton/tryton/-/issues/14364
 CVE-2025-XXXX [Information disclosure: unhandled KeyError returns full Python stack trace for unknown fields in JSON-RPC (model.party.party.create)]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a27cd7bf3ee98be6d63e5052ab6ef8842ee7e1c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a27cd7bf3ee98be6d63e5052ab6ef8842ee7e1c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251129/aa4c51d0/attachment-0001.htm>
