Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
76d8dfd3 by Salvatore Bonaccorso at 2025-01-25T08:30:02+01:00
Update information on CVE-2025-0411
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1409,11 +1409,10 @@ CVE-2023-37025 (A Null pointer dereference
vulnerability in the Mobile Managemen
CVE-2023-37024 (A reachable assertion in the Mobile Management Entity (MME) of
Magma v ...)
NOT-FOR-US: Magma
CVE-2025-0411 [7-Zip Mark-of-the-Web Bypass Vulnerability]
- - 7zip 24.09+dfsg-1
- - p7zip 16.02+transitional.1 (unimportant)
- NOTE: Since p7zip/16.02+transitional.1 src:p7zip is only a empty source
package
- NOTE: depending on 7zip. Mark this version as fixed version.
+ - 7zip <not-affected> (Affects only 7-Zip on Windows handling Mark of
the Web (MoTW) metadata)
+ - p7zip <not-affected> (Affects only 7-Zip on Windows handling Mark of
the Web (MoTW) metadata)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-045/
+ NOTE: https://www.openwall.com/lists/oss-security/2025/01/24/6
CVE-2025-23085 [GOAWAY HTTP/2 frames cause memory leak outside heap]
- nodejs <unfixed> (bug #1094134)
NOTE:
https://nodejs.org/en/blog/vulnerability/january-2025-security-releases#goaway-http2-frames-cause-memory-leak-outside-heap-cve-2025-23085---medium
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76d8dfd37da610391f9b55da122811df6523ec0d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76d8dfd37da610391f9b55da122811df6523ec0d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
