[Git][security-tracker-team/security-tracker][master] Reserve DLA-4307-1 for jq
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Sun Sep 21 16:34:02 BST 2025
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
20be6972 by Thorsten Alteholz at 2025-09-21T17:33:42+02:00
Reserve DLA-4307-1 for jq
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -38092,7 +38092,6 @@ CVE-2025-48060 (jq is a command-line JSON processor. In versions up to and inclu
- jq 1.8.0-1 (bug #1106288)
[trixie] - jq 1.7.1-6+deb13u1
[bookworm] - jq 1.6-2.1+deb12u1
- [bullseye] - jq <postponed> (Minor issue; revisit when fixed upstream)
NOTE: https://github.com/jqlang/jq/security/advisories/GHSA-p7rr-28xf-3m5w
CVE-2025-48012 (Authentication Bypass by Capture-replay vulnerability in Drupal One Ti ...)
NOT-FOR-US: Drupal core and addons
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[21 Sep 2025] DLA-4307-1 jq - security update
+ {CVE-2025-48060}
+ [bullseye] - jq 1.6-2.1+deb11u1
[21 Sep 2025] DLA-4306-1 pam - security update
{CVE-2024-22365 CVE-2025-6020}
[bullseye] - pam 1.4.0-9+deb11u2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20be6972f2269a068e04cb1ae8b26a8a2260ad83
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20be6972f2269a068e04cb1ae8b26a8a2260ad83
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250921/cf2420f7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list