[Git][security-tracker-team/security-tracker][master] Remove reference to commit
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 7 07:01:50 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
75fd96f9 by Salvatore Bonaccorso at 2025-10-07T08:00:32+02:00
Remove reference to commit
Yadd mentioned in #1117504, that the patch does nothing (a try/catch on
an sync method won't catch anything).
The bug likely need to be properly reported upstream?
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3076,7 +3076,6 @@ CVE-2025-11149 (This affects all versions of the package node-static; all versio
- node-static <unfixed> (bug #1117504)
[trixie] - node-static <no-dsa> (Minor issue)
[bookworm] - node-static <no-dsa> (Minor issue)
- NOTE: https://github.com/cloudhead/node-static/commit/78879dc665f0f7137063794b6e0b6203a81c7f67 (v0.1.0)
CVE-2025-11148 (All versions of the package check-branches are vulnerable to Command I ...)
NOT-FOR-US: check-branches Node.js package
CVE-2025-10991 (The attacker may obtain root access by connecting to the UART port and ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75fd96f95876aab0dcb613e842ceec9247b0f2ff
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75fd96f95876aab0dcb613e842ceec9247b0f2ff
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251007/6296c586/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list