Utkarsh Gupta pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e08504ac by Utkarsh Gupta at 2025-09-24T04:19:23+05:30
Mark CVE-2025-59437/node-ip as postponed for bullseye
- - - - -
c27d49bd by Utkarsh Gupta at 2025-09-24T04:21:18+05:30
Add ghostscript to dla-needed
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -3796,6 +3796,7 @@ CVE-2025-59437 (The ip (aka node-ip) package through
2.0.1 (in NPM) might allow
- node-ip <unfixed>
[trixie] - node-ip <no-dsa> (Minor issue)
[bookworm] - node-ip <no-dsa> (Minor issue)
+ [bullseye] - node-ip <postponed> (Minor issue)
CVE-2025-59436 (The ip (aka node-ip) package through 2.0.1 (in NPM) might
allow SSRF b ...)
- node-ip <unfixed>
[trixie] - node-ip <no-dsa> (Minor issue)
=====================================
data/dla-needed.txt
=====================================
@@ -120,6 +120,9 @@ gdk-pixbuf
NOTE: 20250714: CVE-2025-7345: smvc asks us to wait / help with a regression
report:
NOTE: 20250714: https://bugs.debian.org/1109262
--
+ghostscript
+ NOTE: 20250924: Added by Front-Desk (utkarsh)
+--
gimp (Sylvain Beucler)
NOTE: 20250410: Added by Front-Desk (Beuc)
NOTE: 20250410: CVE-2025-2760 may need a custom patch as upstream now
focuses on gimp3,
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fdb446af9346dc6ed2a69d25d350231911bcc0f9...c27d49bdf32de2b8814daea9740875aa2cc54446
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fdb446af9346dc6ed2a69d25d350231911bcc0f9...c27d49bdf32de2b8814daea9740875aa2cc54446
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
