[Git][security-tracker-team/security-tracker][master] Track fixed version for some busybox issues

Salvatore Bonaccorso (@carnil) Sun, 01 Feb 2026 08:55:28 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5f504c67 by Salvatore Bonaccorso at 2026-02-01T17:54:48+01:00
Track fixed version for some busybox issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32668,7 +32668,7 @@ CVE-2025-63149 (Tenda AX3 V16.03.12.10_CN was 
discovered to contain a stack over
 CVE-2025-63147 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack 
overflow i ...)
        NOT-FOR-US: Tenda
 CVE-2025-60876 (BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and 
other C0  ...)
-       - busybox <unfixed> (bug #1120795)
+       - busybox 1:1.37.0-8 (bug #1120795)
        [trixie] - busybox <postponed> (Minor issue, revisit when fixed 
upstream)
        [bookworm] - busybox <postponed> (Minor issue, revisit when fixed 
upstream)
        [bullseye] - busybox <postponed> (Minor issue, revisit when fixed 
upstream)
@@ -98255,7 +98255,7 @@ CVE-2024-22351 (IBM InfoSphere Information 11.7 Server 
does not invalidate sessi
 CVE-2024-12244 (An issue has been discovered in access controls could allow 
users to v ...)
        - gitlab <not-affected> (Vulnerable code introduced later)
 CVE-2025-46394 (In tar in BusyBox through 1.37.0, a TAR archive can have 
filenames hid ...)
-       - busybox <unfixed> (bug #1104008)
+       - busybox 1:1.37.0-8 (bug #1104008)
        [trixie] - busybox <postponed> (Minor issue, revisit when fixed 
upstream)
        [bookworm] - busybox <postponed> (Minor issue, revisit when fixed 
upstream)
        [bullseye] - busybox <postponed> (Minor issue, terminal corruption, 
revisit when fixed upstream)
@@ -244576,7 +244576,7 @@ CVE-2023-46355 (In the module "CSV Feeds PRO" 
(csvfeeds) < 2.6.1 from Bl Modules
 CVE-2023-46349 (In the module "Product Catalog (CSV, Excel) Export/Update" 
(updateprod ...)
        NOT-FOR-US: PrestaShop module
 CVE-2023-42366 (A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in 
the next_ ...)
-       - busybox <unfixed> (bug #1059053)
+       - busybox 1:1.37.0-8 (bug #1059053)
        [trixie] - busybox <postponed> (Minor issue, revisit when fixed 
upstream)
        [bookworm] - busybox <postponed> (Minor issue, revisit when fixed 
upstream)
        [bullseye] - busybox <postponed> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f504c6787892b7d163f9123f46562f6c5b5063a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f504c6787892b7d163f9123f46562f6c5b5063a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Track fixed version for some busybox issues

Reply via email to