[Git][security-tracker-team/security-tracker][master] Add CVE-2025-59933/vips
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Sep 30 18:21:37 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
77aaaae5 by Salvatore Bonaccorso at 2025-09-30T19:21:19+02:00
Add CVE-2025-59933/vips
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -89,7 +89,9 @@ CVE-2025-59940 (mkdocs-include-markdown-plugin is an Mkdocs Markdown includer pl
CVE-2025-59937 (go-mail is a comprehensive library for sending mails with Go. In versi ...)
NOT-FOR-US: go-mail
CVE-2025-59933 (libvips is a demand-driven, horizontally threaded image processing lib ...)
- TODO: check
+ - vips <unfixed>
+ NOTE: https://github.com/libvips/libvips/security/advisories/GHSA-q8px-4w5q-c2r4
+ NOTE: https://github.com/libvips/libvips/commit/a58bfae9223a5466cc81ba9fe6dfb08233cf17d1 (v8.17.2)
CVE-2025-59668 (Multiple versions of Central Monitor CNS-6201 contain a NULL pointer d ...)
NOT-FOR-US: Central Monitor CNS-6201
CVE-2025-59163 (vet is an open source software supply chain security tool. Versions 1. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77aaaae5d250308c0909d590823c290aa0e2a63a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77aaaae5d250308c0909d590823c290aa0e2a63a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250930/4e84788c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list