[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-60020/nncp via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 25 04:52:46 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
39f0215c by Salvatore Bonaccorso at 2025-09-25T05:52:13+02:00
Track fixed version for CVE-2025-60020/nncp via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -413,7 +413,7 @@ CVE-2025-10892 (Integer overflow in V8 in Google Chrome prior to 140.0.7339.207
- chromium 140.0.7339.207-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-60020 (nncp before 8.12.0 allows path traversal (for reading or writing) duri ...)
- - nncp <unfixed> (bug #1115848)
+ - nncp 8.12.1-1 (bug #1115848)
NOTE: http://www.nncpgo.org/Release-8_005f12_005f0.html
NOTE: http://lists.cypherpunks.su/archive/nncp-devel/CAO-d-4riai9EZx4gVfekow-BCtTn07k8BB1ZdsopPVw=scWD1A@mail.gmail.com/T/#md678a00df1020bb811f47f42ef33c54b789cddd7
CVE-2025-9900 (A flaw was found in Libtiff. This vulnerability is a "write-what-where ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39f0215c72d58548d80cd66b3f6c529230cd6a9e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39f0215c72d58548d80cd66b3f6c529230cd6a9e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250925/266b1471/attachment.htm>
More information about the debian-security-tracker-commits
mailing list