[Git][security-tracker-team/security-tracker][master] CVE-2025-11731/libxslt: mark it as posponed in bullseye LTS
Santiago R.R. (@santiago)
santiago at debian.org
Sat May 2 16:27:50 BST 2026
Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b7b4c18f by Santiago Ruano Rincón at 2026-05-02T12:27:29-03:00
CVE-2025-11731/libxslt: mark it as posponed in bullseye LTS
Upstream consider this a low risk issue.
Signed-off-by: Santiago Ruano Rincón <santiagorr at riseup.net>
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -87148,6 +87148,7 @@ CVE-2025-11731 (A flaw was found in the exsltFuncResultComp() function of libxsl
- libxslt 1.1.43-0.3 (bug #1118078)
[trixie] - libxslt <no-dsa> (Minor issue)
[bookworm] - libxslt <no-dsa> (Minor issue)
+ [bullseye] - libxslt <postponed> (Minor issue; upstream consider this issue entails a low risk)
NOTE: https://gitlab.gnome.org/GNOME/libxslt/-/issues/151
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxslt/-/commit/fe508f201efb9ea37bfbe95413b8b28251497de3
CVE-2025-11623 (SQL injection in Ivanti Endpoint Managerbefore version 2024 SU5 allows ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7b4c18f4c9f1a2b4e9a0ddef1a30d7c0b9f9b85
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7b4c18f4c9f1a2b4e9a0ddef1a30d7c0b9f9b85
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260502/0fcdad14/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list