Andreas Henriksson pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d370cad1 by Andreas Henriksson at 2026-01-17T17:33:02+01:00
data/CVE/list: CVE-2025-2337: Mark bullseye as not-affected
The vulnerable code was introduced in a commit that was first part
of v1.5.20 (while bullseye has v1.5.19 and lacks the vulnerable code).
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -106588,7 +106588,7 @@ CVE-2025-2338 (A vulnerability, which was classified
as critical, was found in t
CVE-2025-2337 (A vulnerability, which was classified as critical, has been
found in t ...)
- libmatio 1.5.28-2 (bug #1100992)
[bookworm] - libmatio <postponed> (Minor issue, revisit when fixed
upstream)
- [bullseye] - libmatio <postponed> (Minor issue, revisit when fixed
upstream)
+ [bullseye] - libmatio <not-affected> (Vulnerable code introduced in
v1.5.20, commit 67a922f83467d694fa6e)
NOTE: https://github.com/tbeu/matio/issues/267
NOTE: Fixed by:
https://github.com/tbeu/matio/commit/67000893b627205c42abc125d7917b6b2d18f84f
(v1.5.29)
CVE-2025-30077 (Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.28
allows an i ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d370cad1f5e1388b056bcf4e698ac3378cf582c3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d370cad1f5e1388b056bcf4e698ac3378cf582c3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
