[Git][security-tracker-team/security-tracker][master] Process some new virtuoso-opensource issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 29 07:11:48 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eb54158a by Salvatore Bonaccorso at 2026-06-29T08:11:20+02:00
Process some new virtuoso-opensource issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5090,23 +5090,41 @@ CVE-2025-71337 (Flowise before 3.0.10 (affected versions 3.0.7 and earlier) cont
 CVE-2025-62180 (Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by a ...)
 	NOT-FOR-US: Pega Platform
 CVE-2025-61029 (An issue in the sqlo_untry component of openlink virtuoso-opensource v ...)
-	TODO: check
+	- virtuoso-opensource <undetermined>
+	NOTE: https://github.com/openlink/virtuoso-opensource/issues/1228
+	TODO: check, pinpoint commit, upstream issue say "This issue has been fixed by recent commits to the develop/7 branch" and might be in v7.2.12
 CVE-2025-61028 (An issue in the time_t_to_dt component of openlink virtuoso-opensource ...)
-	TODO: check
+	- virtuoso-opensource 7.2.12+dfsg-0.2
+	NOTE: https://github.com/openlink/virtuoso-opensource/issues/1233
+	NOTE: Fixed by: https://github.com/openlink/virtuoso-opensource/commit/1d2e0e1caecb20311b0538e454d26a0cdb2e6439 (v7.2.12)
 CVE-2025-61027 (An issue in the t_set_push component of openlink virtuoso-opensource v ...)
-	TODO: check
+	- virtuoso-opensource 7.2.12+dfsg-0.2
+	NOTE: https://github.com/openlink/virtuoso-opensource/issues/1232
+	NOTE: Fixed by: https://github.com/openlink/virtuoso-opensource/commit/975c0f3159010d3535526491195ba330ecff069f (v7.2.12)
 CVE-2025-61025 (An issue in the sslr_qst_get component of openlink virtuoso-opensource ...)
-	TODO: check
+	- virtuoso-opensource 7.2.12+dfsg-0.2
+	NOTE: https://github.com/openlink/virtuoso-opensource/issues/1229
+	NOTE: Fixed by: https://github.com/openlink/virtuoso-opensource/commit/d1774339a7ff48f924ac6bc486f541851166091b (v7.2.12)
 CVE-2025-61024 (An issue in the sqlo_try_in_loop component of openlink virtuoso-openso ...)
-	TODO: check
+	- virtuoso-opensource <undetermined>
+	NOTE: https://github.com/openlink/virtuoso-opensource/issues/1227
+	TODO: check, pinpoint commit, upstream issue say "This issue has been fixed by recent commits to the develop/7 branch" and might be in v7.2.12
 CVE-2025-61023 (An issue in the st_compare component of openlink virtuoso-opensource v ...)
-	TODO: check
+	- virtuoso-opensource 7.2.12+dfsg-0.2
+	NOTE: https://github.com/openlink/virtuoso-opensource/issues/1230
+	NOTE: Fixed by: https://github.com/openlink/virtuoso-opensource/commit/b27928d04343730b2cb6c23d1c23d52770347940 (v7.2.12)
 CVE-2025-61022 (An issue in the sqlo_tb_col_preds component of openlink virtuoso-opens ...)
-	TODO: check
+	- virtuoso-opensource <undetermined>
+	NOTE: https://github.com/openlink/virtuoso-opensource/issues/1226
+	TODO: check, pinpoint commit, upstream issue say "This issue has been fixed by recent commits to the develop/7 branch" and might be in v7.2.12
 CVE-2025-61021 (An issue in the sqlo_natural_join_cond component of openlink virtuoso- ...)
-	TODO: check
+	- virtuoso-opensource 7.2.12+dfsg-0.2
+	NOTE: https://github.com/openlink/virtuoso-opensource/issues/1223
+	NOTE: Fixed by: https://github.com/openlink/virtuoso-opensource/commit/99e0c0a22691a08e69958875b1b30007baa82b8e (v7.2.12)
 CVE-2025-61020 (An issue in the sqlo_strip_in_join component of openlink virtuoso-open ...)
-	TODO: check
+	- virtuoso-opensource <undetermined>
+	NOTE: https://github.com/openlink/virtuoso-opensource/issues/1225
+	TODO: check, pinpoint commit, upstream issue say "This issue has been fixed by recent commits to the develop/7 branch" and might be in v7.2.12
 CVE-2025-61019 (An issue in the sqlo_key_part_best component of openlink virtuoso-open ...)
 	- virtuoso-opensource 7.2.12+dfsg-0.2
 	NOTE: https://github.com/openlink/virtuoso-opensource/issues/1222



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb54158a2f63394771add7f49bfea21cc754432a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb54158a2f63394771add7f49bfea21cc754432a
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260629/7db559d5/attachment.htm>


More information about the debian-security-tracker-commits mailing list