[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2025-4444 as EOL for Bullseye

Thorsten Alteholz (@alteholz) alteholz at debian.org
Fri Sep 19 09:12:03 BST 2025 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
121a10bd by Thorsten Alteholz at 2025-09-19T10:11:50+02:00
mark CVE-2025-4444 as EOL for Bullseye

- - - - -
f528e797 by Thorsten Alteholz at 2025-09-19T10:11:51+02:00
mark CVE-2025-58174 as postponed for Bullseye

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22,6 +22,7 @@ CVE-2025-50255 (Cross Site Request Forgery (CSRF) vulnerability in Smartvista Ba
 	NOT-FOR-US: Smartvista BackOffice SmartVista Suite
 CVE-2025-4444 (A security flaw has been discovered in Tor up to 0.4.7.16/0.4.8.17. Im ...)
 	- tor <unfixed>
+	[bullseye] - tor <end-of-life> (see DSA 5562)
 	NOTE: https://github.com/chunmianwang/Tordos
 	NOTE: https://forum.torproject.org/t/alpha-and-stable-release-0-4-8-18-and-0-4-9-3-alpha/20578
 CVE-2025-40678 (Unrestricted upload vulnerability for dangerous file types on Summar S ...)
@@ -1254,6 +1255,7 @@ CVE-2025-58749 (WebAssembly Micro Runtime (WAMR) is a lightweight standalone Web
 	NOT-FOR-US: WebAssembly Micro Runtime (WAMR)
 CVE-2025-58174 (LDAP Account Manager (LAM) is a webfrontend for managing entries store ...)
 	- ldap-account-manager <unfixed> (bug #1115656)
+	[bullseye] - ldap-account-manager <postponed> (Minor issue)
 	NOTE: https://github.com/LDAPAccountManager/lam/security/advisories/GHSA-6gqg-wm9x-5x3m
 CVE-2025-57631 (SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attack ...)
 	NOT-FOR-US: TDuckCloud



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2a17016f47271d4978300bb646ac3900d6be9fc4...f528e7973931a441bd22766f6b0318e51e676f67

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2a17016f47271d4978300bb646ac3900d6be9fc4...f528e7973931a441bd22766f6b0318e51e676f67
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250919/243e140d/attachment.htm>

More information about the debian-security-tracker-commits mailing list