Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
00ccf652 by Salvatore Bonaccorso at 2025-12-18T18:20:38+01:00
Update status for CVE-2025-62725/docker-compose
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17959,10 +17959,7 @@ CVE-2025-62778 (Frappe Learning is a learning
management system. A security issu
CVE-2025-62777 (Use of Hard-Coded Credentials issue exists in MZK-DP300N
version 1.07 ...)
NOT-FOR-US: MZK-DP300N
CVE-2025-62725 (Docker Compose trusts the path information embedded in remote
OCI comp ...)
- - docker-compose <unfixed> (bug #1119298)
- [trixie] - docker-compose <not-affected> (Vulnerable code introduced
later)
- [bookworm] - docker-compose <not-affected> (Vulnerable code introduced
later)
- [bullseye] - docker-compose <not-affected> (Vulnerable code was
introduced later)
+ - docker-compose <not-affected> (Vulnerable code introduced later, cf.
bug #1119298)
NOTE:
https://github.com/docker/compose/security/advisories/GHSA-gv8h-7v7w-r22q
NOTE: Introduced in:
https://github.com/docker/compose/commit/66a47169d51ef4be5e230dda982661248b20f60a
(v2.34.0)
NOTE: Introduced in:
https://github.com/docker/compose/commit/840288895e673fcccd56a7830dee30d8a75523ef
(v2.33.0)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00ccf65260d0d149db82d69e3eae4fd383404223
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00ccf65260d0d149db82d69e3eae4fd383404223
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
