Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
13b7562a by Salvatore Bonaccorso at 2025-09-25T22:20:01+02:00
Add two new glib-networking issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,15 @@
CVE-2025-60249 (vulnerability-lookup 2.16.0 allows XSS in bundle.py,
comment.py, and u ...)
TODO: check
CVE-2025-60019 (glib-networking's OpenSSL backend fails to properly check the
return v ...)
- TODO: check
+ - glib-networking <unfixed>
+ NOTE: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/227
+ NOTE:
https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/263
+ NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/glib-networking/-/commit/70df675dd4f5e4a593b2f95406c1aac031aa8bc7
CVE-2025-60018 (glib-networking's OpenSSL backend fails to properly check the
return v ...)
- TODO: check
+ - glib-networking <unfixed>
+ NOTE: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/226
+ NOTE:
https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/262
+ NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/glib-networking/-/commit/4dd540505d40babe488404f3174ec39f49a84485
CVE-2025-5494 (ZohoCorp ManageEngine Endpoint Central was impacted by an
improper pri ...)
NOT-FOR-US: Zoho
CVE-2025-59841 (Flag Forge is a Capture The Flag (CTF) platform. In versions
from 2.2. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13b7562af50717d1d242411501c59324ca917ca2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13b7562af50717d1d242411501c59324ca917ca2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
