Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
50d87e03 by Salvatore Bonaccorso at 2025-12-14T14:27:26+01:00
Reference nm-1-52 backport merge request for CVE-2025-9615
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -482,6 +482,7 @@ CVE-2025-9615 [avoid that non-admin user using other users'
certificates]
[bullseye] - network-manager <ignored> (Intrusive and needs update
across the VPN plugin ecosystem to keep them functional)
NOTE:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2324
NOTE:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1809 (not
yet public)
+ NOTE:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2327
(nm-1-52 backport)
NOTE: The issue is in network-manager and the CVE associated with it. A
patched
NOTE: network-manager daemon will refuse to activating the private
connections from plugins
NOTE: without the fix. The VPN plugins need a corresponding update to
keep then functional
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50d87e03f2b4dcba19ba8e19296095e904e5c9e1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50d87e03f2b4dcba19ba8e19296095e904e5c9e1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
