-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6028-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 17, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : lxd CVE ID : CVE-2025-54286 CVE-2025-54287 CVE-2025-54288 CVE-2025-54293 Multiple security issues were discovered in LXD, a system container and virtual machine manager, which could result in file disclosure, information disclosure or or cross-site request forgery. For the oldstable distribution (bookworm), these problems have been fixed in version 5.0.2-5+deb12u1. For the stable distribution (trixie), these problems have been fixed in version 5.0.2+git20231211.1364ae4-9+deb13u1. We recommend that you upgrade your lxd packages. For the detailed security status of lxd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/lxd Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmjyXYgACgkQEMKTtsN8 Tjaocg/+Nsv85+2wuyWAIfbdDpNnJjEDNrG8aI7tgJn733mV2V9C0G8fyHqIq0As DDVGkbSqXsOGvrO56+YkYs8xJpYsC5oDGzRm8MxDH+Zilpze6rfcSHyegsujuiXg 7vr2EmXxKu3sqeNYBiDLAwlyv0repzfsuiJrCRmMJQywqFzTIHY+Dk1djMBSTfAi 9wdWSblQmVR56KK9/ZqD2SF2CJ2XwNEJdk49ILqcE4Ybopn43sXTW6TVOyd4FYY+ 86jICkot7sJAkgjJFhhNquJth/+hV9qvcKxZCTYo4bBiyKIlCMb3MG6hV4PWqwX2 0EsuqZ4ctD75rNqkoC5wJJOdX5fHmmqRS0l2pf3VqQJXHhetZkJpbPtfc46Gf+y2 bAHgUbU3e8aJ3sV7QBVnC1j1KZfcm2gVetYkqJ1Y+ms72MdZougIEJrAXwmgRPfR TXf0KH3a9Rm235qVDy9wSJsLZjfNPujosUqx9MJxfjIMnxkO2bQ0Wei9bIV+SPOM aAN4iLqO1et7e1/RbxHfMNW7S9NfqgISiza7WZ7jjKWvPfrYP9HSQA+bg6JdFeed 9iYUJyvGYAQqRDutJ43QVHgV5ahb4AsZaQF+u5Tsu1pPvdlAeSUvlPAGSPozo0eP /tlBpWDePmNwy8BPNUQkVv8Z/W1HRFb3hfDlbJmhdjYMhqhKji4= =ZQjH -----END PGP SIGNATURE-----
