Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6dbc3711 by Moritz Muehlenhoff at 2025-02-16T15:46:45+01:00
new libarchive issue
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,10 @@ CVE-2025-1332 (A vulnerability has been found in FastCMS up to
0.1.5 and classif
CVE-2024-57971 (DataSourceResource.java in the SpagoBI API support in Knowage
Server i ...)
NOT-FOR-US: Knowage Server in KNOWAGE
CVE-2024-57970 (libarchive through 3.7.7 has a heap-based buffer over-read in
header_g ...)
- TODO: check
+ - libarchive <unfixed>
+ NOTE:
https://github.com/libarchive/libarchive/commit/82912103214506316bd9990d73f33d743d55f570
+ NOTE: https://github.com/libarchive/libarchive/pull/2422
+ NOTE: https://github.com/libarchive/libarchive/issues/2415
CVE-2025-26793 (The Web GUI configuration panel of Hirsch (formerly Identiv
and Viscou ...)
NOT-FOR-US: Hirsch Enterphone MESH
CVE-2025-22209 (A SQL injection vulnerability in the JS Jobs plugin versions
1.1.5-1.4 ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -27,6 +27,8 @@ jetty9
--
jpeg-xl
--
+libarchive
+--
libreswan
Waiting on feedback from maintainer
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6dbc3711f63e97f7bc7c629857ab531579fd69e5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6dbc3711f63e97f7bc7c629857ab531579fd69e5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
