[Git][security-tracker-team/security-tracker][master] ruby-rack DSA

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Oct 15 20:40:18 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5ce4428c by Moritz Mühlenhoff at 2025-10-15T21:39:54+02:00
ruby-rack DSA

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1417,11 +1417,15 @@ CVE-2025-61930 (Emlog is an open source website building system. Emlog Pro versi
 	NOT-FOR-US: Emlog
 CVE-2025-61912 (python-ldap is a lightweight directory access protocol (LDAP) client A ...)
 	- python-ldap <unfixed> (bug #1117859)
+	[trixie] - python-ldap <no-dsa> (Minor issue)
+	[bookworm] - python-ldap <no-dsa> (Minor issue)
 	NOTE: https://github.com/python-ldap/python-ldap/security/advisories/GHSA-p34h-wq7j-h5v6
 	NOTE: https://github.com/python-ldap/python-ldap/commit/6ea80326a34ee6093219628d7690bced50c49a3f (main)
 	NOTE: https://github.com/python-ldap/python-ldap/commit/9f5b2effbafdf7af0e7064a7aa42d2739d373bd7 (python-ldap-3.4.5)
 CVE-2025-61911 (python-ldap is a lightweight directory access protocol (LDAP) client A ...)
 	- python-ldap <unfixed> (bug #1117858)
+	[trixie] - python-ldap <no-dsa> (Minor issue)
+	[bookworm] - python-ldap <no-dsa> (Minor issue)
 	NOTE: https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r7r6-cc7p-4v5m
 	NOTE: https://github.com/python-ldap/python-ldap/commit/3957526fb1852e84b90f423d9fef34c7af25b85a (main)
 	NOTE: https://github.com/python-ldap/python-ldap/commit/464fddacd63092d6e01c62a38316a713c30ca98a (python-ldap-3.4.5)
@@ -1514,6 +1518,8 @@ CVE-2025-61925 (Astro is a web framework. Prior to version 5.14.2, Astro reflect
 	NOT-FOR-US: Astro web framework
 CVE-2025-61921 (Sinatra is a domain-specific language for creating web applications in ...)
 	- ruby-sinatra <unfixed>
+	[trixie] - ruby-sinatra <no-dsa> (Minor issue)
+	[bookworm] - ruby-sinatra <no-dsa> (Minor issue)
 	NOTE: https://github.com/sinatra/sinatra/security/advisories/GHSA-mr3q-g2mv-mr4q
 	NOTE: https://github.com/sinatra/sinatra/issues/2120
 	NOTE: https://github.com/sinatra/sinatra/pull/1823
@@ -2192,6 +2198,8 @@ CVE-2025-11573 (An infinite loop issue in Amazon.IonDotnet library versions <v1.
 	NOT-FOR-US: Amazon
 CVE-2025-11561 (A flaw was found in the integration of Active Directory and the System ...)
 	- sssd <unfixed> (bug #1117935)
+	[trixie] - sssd <no-dsa> (Minor issue)
+	[bookworm] - sssd <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2402727
 	NOTE: https://blog.async.sg/kerberos-ldr
 	NOTE: https://github.com/SSSD/sssd/issues/8021
@@ -2523,6 +2531,8 @@ CVE-2025-8291 (The 'zipfile' module would not check the validity of the ZIP64 En
 	[bookworm] - jython <no-dsa> (Minor issue)
 	[bullseye] - jython <end-of-life> (EOL in bullseye LTS)
 	- pypy3 <unfixed>
+	[trixie] - pypy3 <no-dsa> (Minor issue)
+	[bookworm] - pypy3 <no-dsa> (Minor issue)
 	NOTE: https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/
 	NOTE: https://github.com/python/cpython/issues/139700
 	NOTE: https://github.com/python/cpython/pull/139702


=====================================
data/dsa-needed.txt
=====================================
@@ -67,11 +67,13 @@ python-internetarchive
 rtpengine
   Victor Seva prepared a debdiff for trixie-security for review, bookworm-security debdiff missing
 --
-ruby-rack/oldstable
+ruby-rack
 --
 ruby-saml/oldstable
   Utkarsh Gupta might work on an update
 --
+samba
+--
 sogo/oldstable
 --
 sympa/oldstable



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ce4428c100e1dacafe4711bd636ae24ed7b8872

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ce4428c100e1dacafe4711bd636ae24ed7b8872
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251015/fccb5319/attachment.htm>

More information about the debian-security-tracker-commits mailing list