[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE of devscripts as postponed for Bullseye

Thorsten Alteholz (@alteholz) Wed, 23 Jul 2025 15:04:48 -0700


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
cac7b133 by Thorsten Alteholz at 2025-07-23T23:39:02+02:00
mark CVE of devscripts as postponed for Bullseye

- - - - -
0a470bf4 by Thorsten Alteholz at 2025-07-23T23:57:31+02:00
add goldendict

- - - - -
b338e2bb by Thorsten Alteholz at 2025-07-24T00:04:28+02:00
add node-form-data

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2626,6 +2626,7 @@ CVE-2024-26291 (An Unauthenticated Arbitrary File Read 
vulnerability affects the
        NOT-FOR-US: Avid Nexis
 CVE-2025-XXXX [uscan must not skip OpenPGP check after failed check in 
previous run]
        - devscripts <unfixed> (bug #1109251)
+       [bullseye] - devscripts <postponed> (Minor issue)
 CVE-2025-7620 (The cross-browser document creation component produced by 
Digitware Sy ...)
        NOT-FOR-US: Digitware System
 CVE-2025-7619 (BatchSignCS, a background Windows application developed by 
WellChoose, ...)


=====================================
data/dla-needed.txt
=====================================
@@ -139,6 +139,11 @@ golang-golang-x-net
   NOTE: 20250502: NB. golang - will need to check and schedule binNMUs. (lamby)
   NOTE: 20250621: 
https://salsa.debian.org/go-team/packages/golang-golang-x-net/-/commits/debian/bullseye
 (ah)
 --
+goldendict
+  NOTE: 20250723: Added by Front-Desk (ta)
+  NOTE: 20250723: there is no upstream fix yet
+  NOTE: 20250723: package has been renamed to goldendict-ng
+--
 grub2
   NOTE: 20250105: Added by Front-Desk (apo)
   NOTE: 20250105: high-profile package but not enough details yet. (apo)
@@ -260,6 +265,9 @@ nextcloud-desktop
 node-axios
   NOTE: 20250308: Added by Front-Desk (rouca)
 --
+node-form-data
+  NOTE: 20250724: Added by Front-Desk (ta)
+--
 node-prismjs
   NOTE: 20250303: Added by Front-Desk (rouca)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ac865c4da4c58acefb473c9ca34c59e35d896833...b338e2bb588e498302ef59daace9b4179d011788

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ac865c4da4c58acefb473c9ca34c59e35d896833...b338e2bb588e498302ef59daace9b4179d011788
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE of devscripts as postponed for Bullseye

Reply via email to