[Git][security-tracker-team/security-tracker][master] tensorflow updates

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
244f683e by Moritz Muehlenhoff at 2025-09-02T09:56:11+02:00
tensorflow updates

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -232107,19 +232107,33 @@ CVE-2023-25665 (TensorFlow is an open source platform for machine learning. Prio
 	NOTE: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g
 	NOTE: https://github.com/tensorflow/tensorflow/commit/5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04 (v2.12.0-rc0)
 CVE-2023-25664 (TensorFlow is an open source platform for machine learning. Prior to v ...)
-	- tensorflow <itp> (bug #804612)
+	- tensorflow <not-affected> (Fixed before initial upload to the archive)
+	NOTE: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr
+	NOTE: https://github.com/tensorflow/tensorflow/commit/ddaac2bdd099bec5d7923dea45276a7558217e5b (v2.12.0-rc0)
 CVE-2023-25663 (TensorFlow is an open source platform for machine learning. Prior to v ...)
-	- tensorflow <itp> (bug #804612)
+	- tensorflow <not-affected> (Fixed before initial upload to the archive)
+	NOTE: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w
+	NOTE: https://github.com/tensorflow/tensorflow/commit/239139d2ae6a81ae9ba499ad78b56d9b2931538a (v2.12.0-rc0)
 CVE-2023-25662 (TensorFlow is an open source platform for machine learning. Versions p ...)
-	- tensorflow <itp> (bug #804612)
+	- tensorflow <not-affected> (Fixed before initial upload to the archive)
+	NOTE: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7jvm-xxmr-v5cw
+	NOTE: https://github.com/tensorflow/tensorflow/commit/08b8e18643d6dcde00890733b270ff8d9960c56c (v2.12.0-rc0)
 CVE-2023-25661 (TensorFlow is an Open Source Machine Learning Framework. In versions p ...)
-	- tensorflow <itp> (bug #804612)
+	- tensorflow <not-affected> (Fixed before initial upload to the archive)
+	NOTE: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxgc-95xx-grvq
+	NOTE: https://github.com/tensorflow/tensorflow/commit/948fe6369a5711d4b4568ea9bbf6015c6dfb77e2 (v2.12.0-rc0)
 CVE-2023-25660 (TensorFlow is an open source platform for machine learning. Prior to v ...)
-	- tensorflow <itp> (bug #804612)
+	- tensorflow <not-affected> (Fixed before initial upload to the archive)
+	NOTE: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj
+	NOTE: https://github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1 (v2.12.0-rc0)
 CVE-2023-25659 (TensorFlow is an open source platform for machine learning. Prior to v ...)
-	- tensorflow <itp> (bug #804612)
+	- tensorflow <not-affected> (Fixed before initial upload to the archive)
+	NOTE: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p
+	NOTE: https://github.com/tensorflow/tensorflow/commit/ee004b18b976eeb5a758020af8880236cd707d05 (v2.12.0-rc0)
 CVE-2023-25658 (TensorFlow is an open source platform for machine learning. Prior to v ...)
-	- tensorflow <itp> (bug #804612)
+	- tensorflow <not-affected> (Fixed before initial upload to the archive)
+	NOTE: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-68v3-g9cm-rmm6
+	NOTE: https://github.com/tensorflow/tensorflow/commit/ff459137c2716a2a60f7d441b855fcb466d778cb (v2.12.0-rc0)
 CVE-2023-25657 (Nautobot is a Network Source of Truth and Network Automation Platform. ...)
 	NOT-FOR-US: Nautobot
 CVE-2023-25656 (notation-go is a collection of libraries for supporting Notation sign, ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/244f683e68f332a779b4bec999270d8cf43c0bb3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/244f683e68f332a779b4bec999270d8cf43c0bb3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250902/d56dab5e/attachment-0001.htm>