[Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Oct 3 09:26:13 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e4949c10 by Salvatore Bonaccorso at 2025-10-03T10:25:59+02:00
Process some NFUs

- - - - -
ecc4299c by Salvatore Bonaccorso at 2025-10-03T10:25:59+02:00
Add CVE-2025-61600/stalwart, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,9 +3,9 @@ CVE-2025-61847
 CVE-2025-61671
 	REJECTED
 CVE-2025-61668 (Volto is a ReactJS-based frontend for the Plone Content Management Sys ...)
-	TODO: check
+	NOT-FOR-US: Volto
 CVE-2025-61666 (Traccar is an open source GPS tracking system. Default installs of Tra ...)
-	TODO: check
+	NOT-FOR-US: Traccar
 CVE-2025-61665 (WeGIA is an open source web manager with a focus on charitable institu ...)
 	NOT-FOR-US: WeGIA
 CVE-2025-61606 (WeGIA is an open source web manager with a focus on charitable institu ...)
@@ -15,15 +15,15 @@ CVE-2025-61605 (WeGIA is an open source web manager with a focus on charitable i
 CVE-2025-61604 (WeGIA is an open source web manager with a focus on charitable institu ...)
 	NOT-FOR-US: WeGIA
 CVE-2025-61600 (Stalwart is a mail and collaboration server. Versions 0.13.3 and below ...)
-	TODO: check
+	- stalwart <itp> (bug #1109537)
 CVE-2025-61599 (Emlog is an open source website building system. A stored Cross-Site S ...)
-	TODO: check
+	NOT-FOR-US: Emlog
 CVE-2025-61597 (Emlog is an open source website building system. In versions 2.5.21 an ...)
-	TODO: check
+	NOT-FOR-US: Emlog
 CVE-2025-61589 (Cursor is a code editor built for programming with AI. In versions 1.6 ...)
-	TODO: check
+	NOT-FOR-US: Cursor
 CVE-2025-59536 (Claude Code is an agentic coding tool. Versions before 1.0.111 were vu ...)
-	TODO: check
+	NOT-FOR-US: Claude Code
 CVE-2025-59300 (Delta Electronics DIAScreenlacks proper validation of the user-supplie ...)
 	NOT-FOR-US: Delta Electronics
 CVE-2025-59299 (Delta Electronics DIAScreenlacks proper validation of the user-supplie ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3673da0903b4b67abfb6c460976070713c02578f...ecc4299c009bda988ffee4a852e756ed8e5475c3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3673da0903b4b67abfb6c460976070713c02578f...ecc4299c009bda988ffee4a852e756ed8e5475c3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251003/bf3af972/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list