[Git][security-tracker-team/security-tracker][master] Add CVE-2025-8194/pythonAdd CVE-2025-8194/python

Tue, 29 Jul 2025 00:05:09 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
46f16c1c by Salvatore Bonaccorso at 2025-07-29T09:04:30+02:00
Add CVE-2025-8194/pythonAdd CVE-2025-8194/python

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24,7 +24,18 @@ CVE-2025-8266 (A vulnerability has been found in 
yanyutao0402 ChanCMS up to 3.1.
 CVE-2025-8265 (A vulnerability classified as critical has been found in 299Ko 
CMS 2.0 ...)
        NOT-FOR-US: 299Ko CMS
 CVE-2025-8194 (There is a defect in the CPython \u201ctarfile\u201d module 
affecting  ...)
-       TODO: check
+       - python3.13 <unfixed>
+       - python3.12 <unfixed>
+       - python3.11 <removed>
+       [bookworm] - python3.11 <no-dsa> (Minor issue)
+       - python3.9 <removed>
+       - python2.7 <removed>
+       [bullseye] - python2.7 <end-of-life> (EOL in bullseye LTS)
+       NOTE: https://github.com/python/cpython/issues/130577
+       NOTE: https://github.com/python/cpython/pull/137027
+       NOTE: 
https://mail.python.org/archives/list/[email protected]/thread/ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D/
+       NOTE: Fixed by: 
https://github.com/python/cpython/commit/7040aa54f14676938970e10c5f74ea93cd56aa38
 (main)
+       NOTE: Fixed by: 
https://github.com/python/cpython/commit/cdae923ffe187d6ef916c0f665a31249619193fe
 (3.13-branch)
 CVE-2025-7676 (DLL hijacking of all PE32 executables when run on Windows for 
ARM64 CP ...)
        NOT-FOR-US: Microsoft
 CVE-2025-6918 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/46f16c1cbd9e953f37d430325bbd5f4bfe3878df

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/46f16c1cbd9e953f37d430325bbd5f4bfe3878df
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to