Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
245f49d0 by Salvatore Bonaccorso at 2025-08-10T21:03:26+02:00
Update status for CVE-2025-45512
Not considered a security issue by upstream, ideally should be rejected.
Thanks: Vagrant Cascadian for reaching out to upstream and confirming
the status.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1131,7 +1131,8 @@ CVE-2025-46658 (An issue was discovered in ExonautWeb in
4C Strategies Exonaut 2
CVE-2025-45512 (A lack of signature verification in the bootloader of DENX
Software En ...)
- u-boot <unfixed> (unimportant)
NOTE: https://github.com/AzhariRamadhan/CVE-2025-45512
- NOTE: Disputable security impact; rely on system level access to
bootloader
+ NOTE: Disputable security impact and not considered a security issue by
upstream;
+ NOTE: relies on system level access to bootloader for exploitation.
CVE-2025-44964 (A lack of SSL certificate validation in BlueStacks v5.20
allows attack ...)
NOT-FOR-US: BlueStacks
CVE-2025-43980 (An issue was discovered on FIRSTNUM JC21A-04 devices through
2.01ME/FN ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/245f49d08a16b28fadd278813ed3c21da9524abf
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/245f49d08a16b28fadd278813ed3c21da9524abf
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
