[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add another product for the Apache CNA rule

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 21 08:00:25 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
11fa0742 by Salvatore Bonaccorso at 2025-10-21T09:00:03+02:00
auto-nfu: Add another product for the Apache CNA rule

- - - - -
c37676fa by Salvatore Bonaccorso at 2025-10-21T09:00:04+02:00
Process one more NFU

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -53,7 +53,7 @@ CVE-2025-5517 (Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox
 CVE-2025-57837 (Tileservice module is affected by information leak vulnerability, succ ...)
 	NOT-FOR-US: Honor
 CVE-2025-57738 (Apache Syncope offers the ability to extend / customize the base behav ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-56224 (A lack of rate limiting in the One-Time Password (OTP) verification en ...)
 	NOT-FOR-US: SigningHub
 CVE-2025-56223 (A lack of rate limiting in the component /Home/UploadStreamDocument of ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -290,6 +290,7 @@
       - product: Apache Spark
       - product: Apache StreamPark
       - product: Apache Superset
+      - product: Apache Syncope
       - product: Apache Traffic Control
       - product: Apache Zeppelin
 - reason: Check Point



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f23f98769d50463b3b488f7e5ceb122f8dadd647...c37676fab0521b039e7c58d44a527fbb087f5097

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f23f98769d50463b3b488f7e5ceb122f8dadd647...c37676fab0521b039e7c58d44a527fbb087f5097
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251021/1d69bba9/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list