Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
54b305c8 by Salvatore Bonaccorso at 2026-01-04T17:59:04+01:00
Add edk2 for CVE-2024-13176
This is because the CVE in the embedded copy affects the edk2
functionality and upsream picked the change. Update the tracking
accordingly as the fix was cherry-picked in the edk2/2025.02-9 upload.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -119368,6 +119368,9 @@ CVE-2024-13176 (Issue summary: A timing side-channel
which could potentially all
{DLA-4176-1}
- openssl 3.4.1-1 (bug #1094027)
[bookworm] - openssl 3.0.16-1~deb12u1
+ - edk2 2025.02-9
+ [trixie] - edk2 <no-dsa> (Minor issue)
+ [bookworm] - edk2 <no-dsa> (Minor issue)
NOTE: https://openssl-library.org/news/secadv/20250120.txt
NOTE:
https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f
(openssl-3.4.1)
NOTE:
https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902
(openssl-3.3.3)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54b305c87a3b39d72345c626c8007d70c2d511f3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54b305c87a3b39d72345c626c8007d70c2d511f3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
