[Git][security-tracker-team/security-tracker][master] CVE-2024-58262/rust-curve25519-dalek assigned

Mon, 28 Jul 2025 13:18:29 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9e633fc8 by Salvatore Bonaccorso at 2025-07-28T22:17:49+02:00
CVE-2024-58262/rust-curve25519-dalek assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -331,8 +331,6 @@ CVE-2025-8226 (A vulnerability was found in yanyutao0402 
ChanCMS up to 3.1.2. It
        NOT-FOR-US: yanyutao0402 ChanCMS
 CVE-2024-58263 (The cosmwasm-std crate before 2.0.2 for Rust allows integer 
overflows  ...)
        NOT-FOR-US: cosmwasm-std Rust crate
-CVE-2024-58262 (The curve25519-dalek crate before 4.1.3 for Rust has a 
constant-time o ...)
-       TODO: check
 CVE-2024-58261 (The sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows 
an infi ...)
        TODO: check
 CVE-2025-8225 (A vulnerability was found in GNU Binutils 2.44 and classified 
as probl ...)
@@ -118027,9 +118025,10 @@ CVE-2024-38619 (In the Linux kernel, the following 
vulnerability has been resolv
        {DSA-5731-1 DSA-5730-1 DLA-4008-1}
        - linux 6.9.7-1
        NOTE: 
https://git.kernel.org/linus/16637fea001ab3c8df528a8995b3211906165a30 (6.10-rc4)
-CVE-2024-XXXX [RUSTSEC-2024-0344]
+CVE-2024-58262 [RUSTSEC-2024-0344]
        - rust-curve25519-dalek 4.1.3+20240618+dfsg-1 (bug #1074351)
        NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0344.html
+       NOTE: https://github.com/dalek-cryptography/curve25519-dalek/pull/659
 CVE-2024-5676 (The Paradox IP150 Internet Module in version 1.40.00 is 
vulnerable to  ...)
        NOT-FOR-US: Paradox IP150 Internet Module
 CVE-2024-4632 (The WooCommerce Checkout & Funnel Builder by CartFlows \u2013 
Create H ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e633fc82d79555e3245701c14ca6f9f4b49930e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e633fc82d79555e3245701c14ca6f9f4b49930e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to