Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
34d8960f by Salvatore Bonaccorso at 2025-12-02T20:50:18+01:00
Remove association with fail2ban for CVE-2025-45311
This was a bogus report against fail2ban. Ideally the CVE get rejected
(rquest to assigning CNA requested).
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -932,9 +932,7 @@ CVE-2025-46175 (Ruoyi v4.8.0 is vulnerable to Incorrect
Access Control. There is
CVE-2025-46174 (Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is
a missin ...)
NOT-FOR-US: Ruoyi
CVE-2025-45311 (Insecure permissions in fail2ban-client v0.11.2 allows
attackers with ...)
- - fail2ban <undetermined>
- NOTE: https://github.com/fail2ban/fail2ban/issues/4110
- TODO: check, upstream waiting on reporter, cf.
https://github.com/fail2ban/fail2ban/issues/4110#issuecomment-3586321999
+ NOTE: Bogus report against fail2ban:
https://github.com/fail2ban/fail2ban/issues/4110#issuecomment-3601428764
CVE-2025-3747
REJECTED
CVE-2025-2486 (The Ubuntu edk2 UEFI firmware packages accidentally allowed the
UEFI S ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34d8960fda36d145ba3ded42a0bc21ff944b811d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34d8960fda36d145ba3ded42a0bc21ff944b811d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
