[Git][security-tracker-team/security-tracker][master] Add CVE-2025-7039/glib2.0
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Aug 9 14:46:47 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
07cf6c32 by Salvatore Bonaccorso at 2025-08-09T15:46:35+02:00
Add CVE-2025-7039/glib2.0
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,10 @@
+CVE-2025-7039 [buffer underrun in get_tmp_file()]
+ - glib2.0 2.84.4-1 (bug #1110640)
+ [trixie] - glib2.0 <no-dsa> (Minor issue)
+ [bookworm] - glib2.0 <no-dsa> (Minor issue)
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/3716
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4674
+ NOTE: Fixed by: https://gitlab.gnome.org/GNOME/glib/-/commit/61e963284889ddb4544e6f1d5261c16120f6fcc3 (2.85.2)
CVE-2025-8749 (Path Traversal vulnerability in API Endpoint in Mobile Industrial Robo ...)
NOT-FOR-US: Mobile Industrial Robots (MiR)
CVE-2025-8748 (MiR software versions prior to version 3.0.0 are affected by a command ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07cf6c3242843aacfa49066fd41bc91d8d2baea4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07cf6c3242843aacfa49066fd41bc91d8d2baea4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250809/5dd695fa/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list