[Git][security-tracker-team/security-tracker][master] mark tar as non issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sun Aug 17 12:23:06 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c7ced93b by Moritz Muehlenhoff at 2025-08-17T13:22:44+02:00
mark tar as non issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10015,10 +10015,9 @@ CVE-2025-47963 (No cwe for this issue in Microsoft Edge (Chromium-based) allows
CVE-2025-47182 (Improper input validation in Microsoft Edge (Chromium-based) allows an ...)
NOT-FOR-US: Microsoft
CVE-2025-45582 (GNU Tar through 1.35 allows file overwrite via directory traversal in ...)
- - tar <unfixed>
- [bullseye] - tar <postponed> (Minor issue)
+ NOTE: Disputed tar issue, works as documented per upstream:
+ NOTE: https://lists.gnu.org/archive/html/bug-tar/2025-08/msg00012.html
NOTE: https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md
- TODO: check details
CVE-2025-43856 (immich is a high performance self-hosted photo and video management so ...)
NOT-FOR-US: immich
CVE-2025-3933 (A Regular Expression Denial of Service (ReDoS) vulnerability was disco ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7ced93b200a7f064ac017344783180cf75f048c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7ced93b200a7f064ac017344783180cf75f048c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250817/949e3fc5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list