Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
732528c3 by Salvatore Bonaccorso at 2025-05-10T11:39:56+02:00
Add further clarification step for CVE-2025-4382
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -93,6 +93,7 @@ CVE-2025-4382 (A flaw was found in systems utilizing
LUKS-encrypted disks with G
NOTE:
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=301b4ef25a8fafaeba48498e97efd28bd2809f97
NOTE:
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=dbc0eb5bd1f40de9b394e3a86e84f46c39a23e40
NOTE:
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=73d1c959ea3417e9309ba8c6102d7d6dc7c94259
+ TODO: double check if vulnerability only considered present after
grub_is_cli_disabled is introduced
CVE-2025-4377 (Improper Limitation of a Pathname caused a Path Traversal
vulnerabilit ...)
NOT-FOR-US: Sparx Systems Pro Cloud Server
CVE-2025-4376 (Improper Input Validation vulnerability in Sparx Systems Pro
Cloud Ser ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/732528c3e9471ccd0ef024e7ad31165392cebfe4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/732528c3e9471ccd0ef024e7ad31165392cebfe4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
