[Git][security-tracker-team/security-tracker][master] Add new fig2dev issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 24 09:26:04 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8ea2fc88 by Salvatore Bonaccorso at 2025-04-24T10:25:28+02:00
Add new fig2dev issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,13 +3,22 @@ CVE-2025-46419 (Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed E
CVE-2025-46417 (The unsafe globals in Picklescan before 0.0.25 do not include ssl. Con ...)
TODO: check
CVE-2025-46400 (Segmentation fault in fig2dev in version 3.2.9a allows an attacker to ...)
- TODO: check
+ - fig2dev <unfixed>
+ NOTE: https://sourceforge.net/p/mcj/tickets/187/
+ NOTE: Fixed by: https://sourceforge.net/p/mcj/fig2dev/ci/1e5515a1ea2ec8651cf85ab5000d026bb962492a/
+ NOTE: Fixed by: https://sourceforge.net/p/mcj/fig2dev/ci/c4465e0d9af89d9738aad31c2d0873ac1fa03c96/
CVE-2025-46399 (Segmentation fault in fig2dev in version 3.2.9aallows an attacker to a ...)
- TODO: check
+ - fig2dev <unfixed>
+ NOTE: https://sourceforge.net/p/mcj/tickets/190/
+ NOTE: Fixed by: https://sourceforge.net/p/mcj/fig2dev/ci/2bd6c0b210916d0d3ca81f304535b5af0849aa93/
CVE-2025-46398 (Stack-overflowin fig2dev in version 3.2.9a allows an attacker possible ...)
- TODO: check
+ - fig2dev <unfixed>
+ NOTE: https://sourceforge.net/p/mcj/tickets/191/
+ NOTE: Fixed by: https://sourceforge.net/p/mcj/fig2dev/ci/5f22009dba73922e98d49c0096cece8b215cd45b/
CVE-2025-46397 (Stack-overflowin fig2dev in version 3.2.9a allows an attacker possible ...)
- TODO: check
+ - fig2dev <unfixed>
+ NOTE: https://sourceforge.net/p/mcj/tickets/192/
+ NOTE: Fixed by: https://sourceforge.net/p/mcj/fig2dev/ci/dfa8b661b506a463a669754ed635b0a8eb67580e/
CVE-2025-46381
REJECTED
CVE-2025-46380
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ea2fc88883052fed5ca8c6d3899733fbf156878
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ea2fc88883052fed5ca8c6d3899733fbf156878
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250424/5a3a6542/attachment.htm>
More information about the debian-security-tracker-commits
mailing list