[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend rule for Eclipse

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Oct 15 11:29:46 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4307ff38 by Moritz Mühlenhoff at 2025-10-15T12:29:00+02:00
auto-nfu: Extend rule for Eclipse

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -33,9 +33,9 @@ CVE-2025-61797 (Adobe Experience Manager versions 11.6 and earlier are affected
 CVE-2025-61796 (Adobe Experience Manager versions 11.6 and earlier are affected by a s ...)
 	NOT-FOR-US: Adobe
 CVE-2025-55080 (In Eclipse ThreadX before 6.4.3, when memory protection is enabled, sy ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2025-55079 (In Eclipse ThreadX before version 6.4.3, the thread module has a setti ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2025-55039 (This issue affects Apache Spark versions before  3.4.4,3.5.2 and 4.0.0 ...)
 	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-54279 (Animate versions 23.0.13, 24.0.10 and earlier are affected by a Use Af ...)
@@ -1038,7 +1038,7 @@ CVE-2025-59889 (Improper authentication of library files in the Eaton IPP softwa
 CVE-2025-59836 (Omni manages Kubernetes on bare metal, virtual machines, or in a cloud ...)
 	NOT-FOR-US: Omni
 CVE-2025-55078 (In Eclipse ThreadX before version 6.4.3, an attacker can cause a denia ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2025-42939 (SAP S/4HANA (Manage Processing Rules - For Bank Statements) allows an  ...)
 	NOT-FOR-US: SAP
 CVE-2025-42937 (SAP Print Service (SAPSprint) performs insufficient validation of path ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -338,6 +338,7 @@
       - product: Eclipse Cyclone DDS
       - product: Eclipse Glassfish
       - product: OpenJ9
+      - product: ThreadX
 - reason: Esri
   allOf:
     - cna: Esri



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4307ff380f67e5c2522e936054278a5d30afe4f6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4307ff380f67e5c2522e936054278a5d30afe4f6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251015/aa9fde72/attachment.htm>

More information about the debian-security-tracker-commits mailing list