We aren't looking at these. It's not productive to fix this kind of thing for two reasons: 1. They are not real problems for real users. 2. If we fix them, the people who come up with them will instantly submit a dozen more.
On Sun, Mar 8, 2026 at 11:46 PM Laiju C Babu <[email protected]> wrote: > > Hi team, > > Have you had a chance to look at my previous email related to vulnerability? > > Regards > Laiju C Babu > > -----Original Message----- > From: [email protected] > <[email protected]> On Behalf Of Laiju C Babu > Sent: Thursday, March 5, 2026 3:40 PM > To: Friedrich Beckmann <[email protected]> > Cc: [email protected]; [email protected]; Dijith Gopalakrishnan > <[email protected]> > Subject: RE: PSPP installation query > > This message may not have been sent from Laiju C Babu <[email protected]>. > This might be a phishing message and potentially unsafe. THINK BEFORE YOU > CLICK ON LINKS OR OPEN ATTACHMENTS. Please contact your local service desk > with any concerns. > > Hi, > > As per your awareness does these vulnerabilities possess any potential threat > to Windows 11 Desktop OS. > > As per the site the triggering point for all these vulnerabilities is > libpspp-core.a but we cannot see such file in the PSPP installation directory > in Windows desktop. > > Laiju C Babu > > -----Original Message----- > From: Friedrich Beckmann <[email protected]> > Sent: Thursday, March 5, 2026 3:25 PM > To: Laiju C Babu <[email protected]> > Cc: [email protected]; [email protected]; Dijith Gopalakrishnan > <[email protected]> > Subject: Re: PSPP installation query > > [You don't often get email from [email protected]. Learn why this is > important at https://aka.ms/LearnAboutSenderIdentification ] > > Hi, > > no. I did not look into those. We have many friends of fuzzing who figure out > malformed syntax or malformed files that result in a crash of pspp. So this > can happen. > > Best regards > > Friedrich > > > > Am 05.03.2026 um 10:45 schrieb Laiju C Babu <[email protected]>: > > > > Hi Friedrich, > > > > Thanks for your reply. Silent installation is working with the binary > > (2.0.1) which you provided. Thanks for your help . > > Could you please confirm the status of following vulnerabilities reported > > on this version? Does these vulnerabilities are applicable to Windows 11 > > Desktop OS? > > > > CVE-2025-48188 --- medium ---- > > https://sava/ > > nnah.gnu.org%2Fbugs%2F%3F67079&data=05%7C02%7CLaiju.C.Babu1%40ey.com%7 > > C3d8527010c8f46e2ea3408de7a9d49f5%7C5b973f9977df4bebb27daa0c70b8482c%7 > > C0%7C0%7C639083013177282212%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOn > > RydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3 > > D%3D%7C0%7C%7C%7C&sdata=afSGuO1PH8wv5T4aH7war35e2jGAwucJsHO0r5zo%2BgU% > > 3D&reserved=0 > > CVE-2025-47816 --- critical ---- > > https://sava/ > > nnah.gnu.org%2Fbugs%2F%3F67073&data=05%7C02%7CLaiju.C.Babu1%40ey.com%7 > > C3d8527010c8f46e2ea3408de7a9d49f5%7C5b973f9977df4bebb27daa0c70b8482c%7 > > C0%7C0%7C639083013177316271%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOn > > RydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3 > > D%3D%7C0%7C%7C%7C&sdata=L9RJJVS5a%2FyNg2kuuegEjqH1DgwFuU%2FRCkAH7V%2F4 > > aGY%3D&reserved=0 > > CVE-2025-47815 ---- critical --- > > https://sava/ > > nnah.gnu.org%2Fbugs%2F%3F67075&data=05%7C02%7CLaiju.C.Babu1%40ey.com%7 > > C3d8527010c8f46e2ea3408de7a9d49f5%7C5b973f9977df4bebb27daa0c70b8482c%7 > > C0%7C0%7C639083013177341451%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOn > > RydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3 > > D%3D%7C0%7C%7C%7C&sdata=wjKCOgZ%2BrhPH4eXg0gF0P8ahBPOP%2FeRY6bbI8jDAmB > > E%3D&reserved=0 > > CVE-2025-47814 --- critical -- > > https://sava/ > > nnah.gnu.org%2Fbugs%2F%3F67074&data=05%7C02%7CLaiju.C.Babu1%40ey.com%7 > > C3d8527010c8f46e2ea3408de7a9d49f5%7C5b973f9977df4bebb27daa0c70b8482c%7 > > C0%7C0%7C639083013177363471%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOn > > RydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3 > > D%3D%7C0%7C%7C%7C&sdata=77wegXLMlO0ObdrvUafpS%2Fsbky29%2B8m1uyh%2FZ4yi > > 0o8%3D&reserved=0 > > > > Regards > > Laiju C Babu > > > > > > Any tax advice in this e-mail should be considered in the context of the tax > services we are providing to you. Preliminary tax advice should not be relied > upon and may be insufficient for penalty protection. > ________________________________________________________________________ > The information contained in this message may be privileged and confidential > and protected from disclosure. If the reader of this message is not the > intended recipient, or an employee or agent responsible for delivering this > message to the intended recipient, you are hereby notified that any > dissemination, distribution or copying of this communication is strictly > prohibited. If you have received this communication in error, please notify > us immediately by replying to the message and deleting it from your computer. > > Notice required by law: This e-mail may constitute an advertisement or > solicitation under U.S. law, if its primary purpose is to advertise or > promote a commercial product or service. You may choose not to receive > advertising and promotional messages from Ernst & Young LLP (except for My > EY, which tracks e-mail preferences through a separate process) at this > e-mail address by opting out of emails through EY’s Email Preference > Center<https://www.ey.com/en_us/email-preference-center>. Our principal > postal address is One Manhattan West, New York, NY 10001. Thank you. Ernst & > Young LLP > > > Any tax advice in this e-mail should be considered in the context of the tax > services we are providing to you. Preliminary tax advice should not be relied > upon and may be insufficient for penalty protection. > ________________________________________________________________________ > The information contained in this message may be privileged and confidential > and protected from disclosure. If the reader of this message is not the > intended recipient, or an employee or agent responsible for delivering this > message to the intended recipient, you are hereby notified that any > dissemination, distribution or copying of this communication is strictly > prohibited. If you have received this communication in error, please notify > us immediately by replying to the message and deleting it from your computer. > > Notice required by law: This e-mail may constitute an advertisement or > solicitation under U.S. law, if its primary purpose is to advertise or > promote a commercial product or service. You may choose not to receive > advertising and promotional messages from Ernst & Young LLP (except for My > EY, which tracks e-mail preferences through a separate process) at this > e-mail address by opting out of emails through EY’s Email Preference > Center<https://www.ey.com/en_us/email-preference-center>. Our principal > postal address is One Manhattan West, New York, NY 10001. Thank you. Ernst & > Young LLP
