[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2025-9375 as postponed for Bullseye

Wed, 17 Sep 2025 14:55:19 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6637bfda by Thorsten Alteholz at 2025-09-17T23:45:22+02:00
mark CVE-2025-9375 as postponed for Bullseye

- - - - -
d06c90be by Thorsten Alteholz at 2025-09-17T23:54:48+02:00
mark CVE-2025-58782 as postponed for Bullseye

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4648,6 +4648,7 @@ CVE-2025-58782 (Deserialization of Untrusted Data 
vulnerability in Apache Jackra
        - jackrabbit <unfixed> (bug #1114861)
        [trixie] - jackrabbit <no-dsa> (Minor issue)
        [bookworm] - jackrabbit <no-dsa> (Minor issue)
+       [bullseye] - jackrabbit <postponed> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2025/09/06/3
        NOTE: https://issues.apache.org/jira/browse/JCR-5135
        NOTE: 
https://github.com/apache/jackrabbit/commit/7a319093c9864111bb86c9895148e580e0f8259a
 (jackrabbit-2.23.2-beta)
@@ -6934,6 +6935,7 @@ CVE-2025-9375 (XML Injection vulnerability in xmltodict 
allows Input Data Manipu
        - python-xmltodict <unfixed> (bug #1113825)
        [trixie] - python-xmltodict <no-dsa> (Minor issue)
        [bookworm] - python-xmltodict <no-dsa> (Minor issue)
+       [bullseye] - python-xmltodict <postponed> (Minor issue)
        NOTE: https://github.com/martinblech/xmltodict/issues/377
        NOTE: https://fluidattacks.com/advisories/mono
        NOTE: 
https://github.com/martinblech/xmltodict/commit/ecd456ab88d379514b116ef9293318b74e5ed3ee
 (v0.15.0)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2e95fee663db6f8fe394653c19a3481895bc363e...d06c90be8da663b13c83fa5de811c736751292c1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2e95fee663db6f8fe394653c19a3481895bc363e...d06c90be8da663b13c83fa5de811c736751292c1
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to