[Git][security-tracker-team/security-tracker][master] CVE-2025-59933/vips [bullseye]
Bastien Roucariès (@rouca)
rouca at debian.org
Tue Sep 30 22:01:07 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
682db860 by Bastien Roucariès at 2025-09-30T23:00:55+02:00
CVE-2025-59933/vips [bullseye]
low impact, can be workarround
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -210,6 +210,7 @@ CVE-2025-59937 (go-mail is a comprehensive library for sending mails with Go. In
NOT-FOR-US: go-mail
CVE-2025-59933 (libvips is a demand-driven, horizontally threaded image processing lib ...)
- vips <unfixed>
+ [bullseye] - vips <postponed> (minor issue; low impact, workaround exists)
NOTE: https://github.com/libvips/libvips/security/advisories/GHSA-q8px-4w5q-c2r4
NOTE: https://github.com/libvips/libvips/commit/a58bfae9223a5466cc81ba9fe6dfb08233cf17d1 (v8.17.2)
CVE-2025-59668 (Multiple versions of Central Monitor CNS-6201 contain a NULL pointer d ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/682db860498b99760f5bc92d01e44c3edd238d1f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/682db860498b99760f5bc92d01e44c3edd238d1f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250930/85314fad/attachment.htm>
More information about the debian-security-tracker-commits
mailing list