[Git][security-tracker-team/security-tracker][master] sudo-rs DSA

Tue, 11 Nov 2025 11:17:19 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4b6b99eb by Moritz Mühlenhoff at 2025-11-11T20:16:30+01:00
sudo-rs DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -417,10 +417,12 @@ CVE-2025-12155 (A Command Injection vulnerability, 
resulting from improper file
        TODO: check
 CVE-2025-64170 [GHSA-c978-wq47-pvvw]
        - rust-sudo-rs 0.2.10-1
+       [trixie] - rust-sudo-rs 0.2.5-5+deb13u1
        NOTE: 
https://github.com/trifectatechfoundation/sudo-rs/security/advisories/GHSA-c978-wq47-pvvw
        NOTE: Fixed by: 
https://github.com/trifectatechfoundation/sudo-rs/commit/0926e85913f45937a32b282c0757bc902dbb1e0c
 (v0.2.10)
 CVE-2025-64517 [GHSA-q428-6v73-fc4q]
        - rust-sudo-rs 0.2.10-1
+       [trixie] - rust-sudo-rs 0.2.5-5+deb13u1
        NOTE: 
https://github.com/trifectatechfoundation/sudo-rs/security/advisories/GHSA-q428-6v73-fc4q
        NOTE: Fixed by: 
https://github.com/trifectatechfoundation/sudo-rs/commit/0e3d3837aec3ee9fb5dcb8bfe11e8adb367f58f4
 (v0.2.10)
 CVE-2025-62689 (NULL pointer dereference vulnerability exists in GNU 
libmicrohttpd v1. ...)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,5 @@
+[11 Nov 2025] DSA-6052-1 rust-sudo-rs - security update
+       [trixie] - rust-sudo-rs 0.2.5-5+deb13u1
 [10 Nov 2025] DSA-6051-1 incus - security update
        {CVE-2025-64507}
        [trixie] - incus 6.0.4-2+deb13u2


=====================================
data/dsa-needed.txt
=====================================
@@ -64,9 +64,6 @@ ruby-saml/oldstable
 --
 runc
 --
-rust-sudo-rs (jmm)
-  Maintainer prepared an update
---
 sogo/oldstable
 --
 sympa/oldstable



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b6b99ebec846dd42ac887bd65db6c70ba003632

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b6b99ebec846dd42ac887bd65db6c70ba003632
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to