[Git][security-tracker-team/security-tracker][master] CVE-2025-61795,CVE-2025-48989,tomcat10: fixed in unstable

Markus Koschany (@apo) apo at debian.org
Wed Jan 28 04:29:41 GMT 2026 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f75a4b4f by Markus Koschany at 2026-01-28T05:28:58+01:00
CVE-2025-61795,CVE-2025-48989,tomcat10: fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35165,7 +35165,7 @@ CVE-2025-62253 (Open redirect vulnerability in page administration in Liferay Po
 	NOT-FOR-US: Liferay
 CVE-2025-61795 (Improper Resource Shutdown or Release vulnerability in Apache Tomcat.  ...)
 	- tomcat11 <unfixed> (bug #1119293)
-	- tomcat10 <unfixed> (bug #1119294)
+	- tomcat10 10.1.52-1 (bug #1119294)
 	- tomcat9 9.0.70-2
 	NOTE: Starting with 9.0.70-2 src:tomcat9 no longer ships the server stack, using that as the fixed version
 	NOTE: https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06 (11.0.12)
@@ -62868,7 +62868,7 @@ CVE-2025-50251 (Server side request forgery (SSRF) vulnerability in makeplane pl
 	NOT-FOR-US: makeplane plane
 CVE-2025-48989 (Improper Resource Shutdown or Release vulnerability in Apache Tomcat m ...)
 	- tomcat11 11.0.11-1 (bug #1111097)
-	- tomcat10 <unfixed> (bug #1111096)
+	- tomcat10 10.1.52-1 (bug #1111096)
 	- tomcat9 9.0.70-2
 	NOTE: Starting with 9.0.70-2 src:tomcat9 no longer ships the server stack, using that as the fixed version
 	NOTE: https://github.com/apache/tomcat/commit/f362c8eb3b8ec5b7f312f7f5610731c0fb299a06 (11.0.10)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f75a4b4f307a1f22619d89b04b01478b6b577afc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f75a4b4f307a1f22619d89b04b01478b6b577afc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260128/58f1f37c/attachment.htm>

More information about the debian-security-tracker-commits mailing list