Control: notfound 1074431 2.4+dfsg-2 Control: notfound 1074431 2.8.0+dfsg-1 Control: found 1074431 2.9.0+dfsg-1
On 2024-06-28, Moritz Mühlenhoff wrote: > The following vulnerabilities were published for arm-trusted-firmware. > > CVE-2024-6287[0]: > | Incorrect Calculation vulnerability in Renesas arm-trusted-firmware > | allows Local Execution of Code. When checking whether a new image ... > CVE-2024-6285[1]: > | Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm- > | trusted-firmware. An integer underflow in image range check As packaged in Debian bookworm and bullseye, none of the affected targets are actually built, although the source code contains the issue. The targets are built in later versions, starting with 2.9.0+dfsg-1 and 2.10.0+dfsg-1+b1 currently in trixie and sid. Marking versions appropriately. live well, vagrant
signature.asc
Description: PGP signature

