Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1d16157a by Salvatore Bonaccorso at 2025-01-22T06:42:06+01:00 Add tracking for PMASA-2025-[12] for phpmyadmin Deliberately not addin as well for PMASA-2025-3 which the unterlying issue is in glibc (but can be revisited). - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,11 @@ +CVE-2025-XXXX [PMASA-2025-2: XSS on Insert page] + - phpmyadmin 4:5.2.2-really5.2.2+20250121+dfsg-1 + NOTE: https://www.phpmyadmin.net/security/PMASA-2025-2/ + NOTE: Fixed by: https://github.com/phpmyadmin/phpmyadmin/commit/7355ddff8d1da9453cf43c09a45666157b16103d (RELEASE_5_2_2) +CVE-2025-XXXX [PMASA-2025-1: XSS when checking tables] + - phpmyadmin 4:5.2.2-really5.2.2+20250121+dfsg-1 + NOTE: https://www.phpmyadmin.net/security/PMASA-2025-1/ + NOTE: Fixed by: https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7 (RELEASE_5_2_2) CVE-2025-23085 [GOAWAY HTTP/2 frames cause memory leak outside heap] - nodejs <unfixed> NOTE: https://nodejs.org/en/blog/vulnerability/january-2025-security-releases#goaway-http2-frames-cause-memory-leak-outside-heap-cve-2025-23085---medium View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d16157a3f658c15c86310736759474b521da09d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d16157a3f658c15c86310736759474b521da09d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
