[Git][security-tracker-team/security-tracker][master] rust-crossbeam-channel CVEfied

Wed, 14 May 2025 02:08:10 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b0c2a9f5 by Moritz Muehlenhoff at 2025-05-14T11:07:42+02:00
rust-crossbeam-channel CVEfied

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,12 @@
 CVE-2025-4668
        REJECTED
 CVE-2025-4574 (In crossbeam-channel rust crate, the internal `Channel` type's 
`Drop`  ...)
-       TODO: check
+       - rust-crossbeam-channel 0.5.15-1 (bug #1103987)
+       [bookworm] - rust-crossbeam-channel <not-affected> (Only affects 0.5.12 
to 0.5.14)
+       [bullseye] - rust-crossbeam-channel <not-affected> (Only affects 0.5.12 
to 0.5.14)
+       NOTE: https://rustsec.org/advisories/RUSTSEC-2025-0024.html
+       NOTE: https://github.com/crossbeam-rs/crossbeam/pull/1187
+       NOTE: Fixed by: 
https://github.com/crossbeam-rs/crossbeam/commit/6ec74ecae896df5fc239518b45a1bfd258c9db68
 (crossbeam-channel-0.5.15)
 CVE-2025-4520 (The Uncanny Automator plugin for WordPress is vulnerable to 
unauthoriz ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-47899
@@ -6776,13 +6781,6 @@ CVE-2024-47829 (pnpm is a package manager. Prior to 
version 10.0.0, the path sho
        NOT-FOR-US: pnpm
 CVE-2024-10306 (A vulnerability was found in mod_proxy_cluster. The issue is 
that the  ...)
        - libapache2-mod-cluster <itp> (bug #731410)
-CVE-2025-XXXX [RUSTSEC-2025-0024]
-       - rust-crossbeam-channel 0.5.15-1 (bug #1103987)
-       [bookworm] - rust-crossbeam-channel <not-affected> (Only affects 0.5.12 
to 0.5.14)
-       [bullseye] - rust-crossbeam-channel <not-affected> (Only affects 0.5.12 
to 0.5.14)
-       NOTE: https://rustsec.org/advisories/RUSTSEC-2025-0024.html
-       NOTE: https://github.com/crossbeam-rs/crossbeam/pull/1187
-       NOTE: Fixed by: 
https://github.com/crossbeam-rs/crossbeam/commit/6ec74ecae896df5fc239518b45a1bfd258c9db68
 (crossbeam-channel-0.5.15)
 CVE-2025-XXXX [RUSTSEC-2025-0023]
        - rust-tokio 1.43.1-1 (bug #1103988)
        [bookworm] - rust-tokio <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0c2a9f5be809043a8680d266b3dfd63edf9fcee

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0c2a9f5be809043a8680d266b3dfd63edf9fcee
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to