[Git][security-tracker-team/security-tracker][master] 2 commits: dla: add freerdp2

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Tue Jan 27 10:02:30 GMT 2026 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c03b675f by Sylvain Beucler at 2026-01-27T11:02:20+01:00
dla: add freerdp2

- - - - -
c0e11ac8 by Sylvain Beucler at 2026-01-27T11:02:23+01:00
CVE-2025-68972/gnupg: bullseye postponed

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -12550,6 +12550,7 @@ CVE-2025-68972 (In GnuPG through 2.4.8, if a signed message has \f at the end of
 	- gnupg2 <unfixed> (bug #1124220)
 	[trixie] - gnupg2 <no-dsa> (Minor issue)
 	[bookworm] - gnupg2 <no-dsa> (Minor issue)
+	[bullseye] - gnupg2 <postponed> (Minor issue, plaintext injection in specific scenario)
 	NOTE: https://gpg.fail/formfeed
 CVE-2025-15126 (A weakness has been identified in JeecgBoot up to 3.9.0. Affected by t ...)
 	NOT-FOR-US: JeecgBoot


=====================================
data/dla-needed.txt
=====================================
@@ -92,6 +92,10 @@ freeimage
   NOTE: 20240922: Many postponed CVE.
   NOTE: 20241202: still WIP (santiago)
 --
+freerdp2
+  NOTE: 20260127: Added by Front-Desk (Beuc)
+  NOTE: 20260127: Many CVEs fixed in 3.20.1 and 3.21, but missing fix commits (Beuc/front-desk)
+--
 frr
   NOTE: 20251102: Added by Front-Desk (apo)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/288da72e28ea07a0bf79cf15cfd3bb95762ad11a...c0e11ac821e99c1a8173753285d2125fb01cbe0d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/288da72e28ea07a0bf79cf15cfd3bb95762ad11a...c0e11ac821e99c1a8173753285d2125fb01cbe0d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260127/83734553/attachment.htm>

More information about the debian-security-tracker-commits mailing list