[Git][security-tracker-team/security-tracker][master] Add missing 'explanation' for end-of-life tag

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab17cef6 by Salvatore Bonaccorso at 2026-06-11T22:42:39+02:00
Add missing 'explanation' for end-of-life tag

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1996,24 +1996,24 @@ CVE-2025-62858 (A buffer overflow vulnerability has been reported to affect seve
 	NOT-FOR-US: QNAP
 CVE-2025-55659 (A NULL pointer dereference in the ctts_box_write function (isomedia/bo ...)
 	- gpac <removed>
-	[bullseye] - gpac <end-of-life>
+	[bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-55658 (GPAC MP4Box v2.4 was discovered to contain a floating point exception  ...)
 	- gpac <removed>
-	[bullseye] - gpac <end-of-life>
+	[bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-55657 (A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (od ...)
 	- gpac <removed>
-	[bullseye] - gpac <end-of-life>
+	[bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-55651 (A NULL pointer dereference in the gf_isom_get_user_data_count function ...)
 	- gpac <removed>
-	[bullseye] - gpac <end-of-life>
+	[bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-54509 (Improper access control for register interface in the input-output mem ...)
 	NOT-FOR-US: AMD
 CVE-2025-52293 (A segmentation violaton in the gf_hevc_read_sps_bs_internal function ( ...)
 	- gpac <removed>
-	[bullseye] - gpac <end-of-life>
+	[bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-52292 (A stack buffer overflow in the filein_process function (in_file.c) of  ...)
 	- gpac <removed>
-	[bullseye] - gpac <end-of-life>
+	[bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-40808 (A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All v ...)
 	NOT-FOR-US: Siemens
 CVE-2023-43688 (An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-1 ...)
@@ -6356,7 +6356,7 @@ CVE-2025-70100 (A divide-by-zero vulnerability in the ext4_block_set_lb_size fun
 	NOT-FOR-US: lwext4
 CVE-2025-60477 (A NULL pointer dereference in the gf_filter_pid_resolve_file_template_ ...)
 	- gpac <removed>
-	[bullseye] - gpac <end-of-life>
+	[bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 	NOTE: https://github.com/gpac/gpac/issues/3301
 	NOTE: https://github.com/gpac/gpac/commit/13eb5b76560aaf7813b865a2ad433258478e2695
 CVE-2025-41259 (SWUpdate before 2026.05 is affected by a time-of-check time-of-use (TO ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab17cef6d3f0bf03afb37dd3d09869882c484df9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab17cef6d3f0bf03afb37dd3d09869882c484df9
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260611/831ac30b/attachment.htm>