[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-53022

Sat Aug 9 06:35:07 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
603633f2 by Salvatore Bonaccorso at 2025-08-09T07:34:31+02:00
Update status for CVE-2025-53022

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2074,7 +2074,8 @@ CVE-2025-53112 (GLPI is a Free Asset and IT Management Software package, that pr
 CVE-2025-53111 (GLPI is a Free Asset and IT Management Software package. In versions 0 ...)
 	- glpi <removed>
 CVE-2025-53022 (TrustedFirmware-M (aka Trusted Firmware for M profile Arm CPUs) before ...)
-	TODO: check
+	- arm-trusted-firmware <not-affected> (This affects FT-M, Debian ships TF-A)
+	NOTE: https://trustedfirmware-m.readthedocs.io/en/latest/security/security_advisories/fwu_tlv_payload_out_of_bounds_vulnerability.html
 CVE-2025-53008 (GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asse ...)
 	- glpi <removed>
 CVE-2025-52897 (GLPI is a Free Asset and IT Management Software package. In versions 9 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/603633f256e4ac4a2ed06d2cb517e02e18236bc9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/603633f256e4ac4a2ed06d2cb517e02e18236bc9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250809/83a77546/attachment.htm>
