Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8055fe6d by Abhijith PA at 2025-12-02T14:37:49+05:30 Mark CVE-2025-64076 as not-affected for bookworm and bullseye. Vulnerable code introduced in version 5.6 https://github.com/agronholm/cbor2/commit/387755eacf0be35591a478d3c67fe10618a6d542 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -2712,6 +2712,8 @@ CVE-2025-64996 (In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all version - check-mk <removed> CVE-2025-64076 (Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the d ...) - cbor2 5.7.1-1 + [bookworm] - cbor2 <not-affected> (Vulnerable code introduced later) + [bullseye] - cbor2 <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/agronholm/cbor2/issues/264 NOTE: https://github.com/agronholm/cbor2/pull/265 NOTE: https://github.com/agronholm/cbor2/commit/2349197bea8ebd1bf57a68f4a6549d8fd7585e66 (5.7.1) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8055fe6d793dd33ebb7dfe287a3f4a5a53df6802 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8055fe6d793dd33ebb7dfe287a3f4a5a53df6802 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
