Source: skanpage Version: 25.04.2-1 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi, The following vulnerability was published for skanpage. CVE-2025-55174[0]: | In KDE Skanpage before 25.08.0, an attempt at file overwrite can | result in the contents of the new file at the beginning followed by | the partial contents of the old file at the end, because of use of | QIODevice::ReadWrite instead of QODevice::WriteOnly. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2025-55174 https://www.cve.org/CVERecord?id=CVE-2025-55174 [1] https://kde.org/info/security/advisory-20250811-1.txt [2] https://commits.kde.org/skanpage/19308900da27b46739f2360426b91479e7179a2f Please adjust the affected versions in the BTS as needed. Regards, Salvatore
