[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2025-59437/node-ip as postponed for bullseye

Utkarsh Gupta (@utkarsh) utkarsh at debian.org
Tue Sep 23 23:51:34 BST 2025 


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e08504ac by Utkarsh Gupta at 2025-09-24T04:19:23+05:30
Mark CVE-2025-59437/node-ip as postponed for bullseye

- - - - -
c27d49bd by Utkarsh Gupta at 2025-09-24T04:21:18+05:30
Add ghostscript to dla-needed

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -3796,6 +3796,7 @@ CVE-2025-59437 (The ip (aka node-ip) package through 2.0.1 (in NPM) might allow
 	- node-ip <unfixed>
 	[trixie] - node-ip <no-dsa> (Minor issue)
 	[bookworm] - node-ip <no-dsa> (Minor issue)
+	[bullseye] - node-ip <postponed> (Minor issue)
 CVE-2025-59436 (The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF b ...)
 	- node-ip <unfixed>
 	[trixie] - node-ip <no-dsa> (Minor issue)


=====================================
data/dla-needed.txt
=====================================
@@ -120,6 +120,9 @@ gdk-pixbuf
   NOTE: 20250714: CVE-2025-7345: smvc asks us to wait / help with a regression report:
   NOTE: 20250714: https://bugs.debian.org/1109262
 --
+ghostscript
+  NOTE: 20250924: Added by Front-Desk (utkarsh)
+--
 gimp (Sylvain Beucler)
   NOTE: 20250410: Added by Front-Desk (Beuc)
   NOTE: 20250410: CVE-2025-2760 may need a custom patch as upstream now focuses on gimp3,



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fdb446af9346dc6ed2a69d25d350231911bcc0f9...c27d49bdf32de2b8814daea9740875aa2cc54446

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fdb446af9346dc6ed2a69d25d350231911bcc0f9...c27d49bdf32de2b8814daea9740875aa2cc54446
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250923/cf691576/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list