[Git][security-tracker-team/security-tracker][master] bookworm/trixie triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Sep 17 10:09:56 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
11a3790f by Moritz Muehlenhoff at 2025-09-17T11:02:39+02:00
bookworm/trixie triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -189,6 +189,7 @@ CVE-2025-52044 (In Frappe ERPNext v15.57.5, the function get_stock_balance() at
NOT-FOR-US: Frappe ERPNext
CVE-2025-4953 (A flaw was found in Podman. In a Containerfile or Podman, data written ...)
- podman <unfixed>
+ [trixie] - podman <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2367235
TODO: check details
CVE-2025-4688 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -30187,6 +30188,7 @@ CVE-2025-48988 (Allocation of Resources Without Limits or Throttling vulnerabili
CVE-2025-48976 (Allocation of resources for multipart headers with insufficient limits ...)
{DLA-4245-1 DLA-4244-1}
- libcommons-fileupload-java <unfixed> (bug #1108120)
+ [trixie] - libcommons-fileupload-java <no-dsa> (Minor issue)
[bookworm] - libcommons-fileupload-java <no-dsa> (Minor issue)
- tomcat11 <unfixed> (bug #1108118)
- tomcat10 <unfixed> (bug #1108119)
=====================================
data/dsa-needed.txt
=====================================
@@ -25,6 +25,8 @@ frr/oldstable
cpp-httplib
Maintainer preparing updates, waiting for feedback on bookworm status
--
+ffmpeg/stable (jmm)
+--
gh/oldstable
Santiago Vila might work on preparing an update
--
@@ -33,10 +35,10 @@ intel-microcode (carnil)
--
jackson-core
--
-jetty9
+jetty9 (jmm)
Adrian Bunk sent debdiffs for review
--
-jetty12/stable
+jetty12/stable (jmm)
Adrian Bunk sent debdiffs for review
--
libreswan/oldstable
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11a3790fa5ba3c08515f4072cc8dba2b6f7f8fbd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11a3790fa5ba3c08515f4072cc8dba2b6f7f8fbd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250917/dfdf5bab/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list