Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7abe5611 by Thorsten Alteholz at 2025-09-30T19:28:12+02:00
Reserve DLA-4316-1 for open-vm-tools
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -313,7 +313,6 @@ CVE-2025-41244 (VMware Aria Operations and VMware Tools
contain a local privileg
- open-vm-tools <unfixed>
[trixie] - open-vm-tools <no-dsa> (Will be fixed via point release)
[bookworm] - open-vm-tools <no-dsa> (Will be fixed via point release)
- [bullseye] - open-vm-tools <postponed> (local user exploit; need access
to hypervisor)
NOTE: https://github.com/vmware/open-vm-tools/tree/CVE-2025-41244.patch
NOTE:
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149
CVE-2025-9904 (Unallocated memory access vulnerability in print processing of
Generic ...)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 Sep 2025] DLA-4316-1 open-vm-tools - security update
+ {CVE-2025-41244}
+ [bullseye] - open-vm-tools 2:11.2.5-2+deb11u5
[30 Sep 2025] DLA-4315-1 tiff - security update
{CVE-2024-13978 CVE-2025-9900}
[bullseye] - tiff 4.2.0-1+deb11u7
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7abe561175d0ef21a4cd2a9b9afb7bb6b48676f5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7abe561175d0ef21a4cd2a9b9afb7bb6b48676f5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
