[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-58066/rust-ntpd via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Aug 31 07:28:50 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e7648a32 by Salvatore Bonaccorso at 2025-08-31T08:28:17+02:00
Track fixed version for CVE-2025-58066/rust-ntpd via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -42,7 +42,7 @@ CVE-2025-58068 (Eventlet is a concurrent networking library for Python. Prior to
CVE-2025-58067 (Basecamp's Google Sign-In adds Google sign-in to Rails applications. P ...)
NOT-FOR-US: Basecamp's Google Sign-In
CVE-2025-58066 (nptd-rs is a tool for synchronizing your computer's clock, implementin ...)
- - rust-ntpd <unfixed> (bug #1112511)
+ - rust-ntpd 1.6.2-1 (bug #1112511)
NOTE: https://github.com/pendulum-project/ntpd-rs/security/advisories/GHSA-4855-q42w-5vr4
NOTE: Fixed by: https://github.com/pendulum-project/ntpd-rs/commit/da37cf167736cbd4d7804b1ed7ceb572468298e0 (v1.6.2)
CVE-2025-57822 (Next.js is a React framework for building full-stack web applications. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7648a32b83d0f7fee9934feec56a20045278200
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7648a32b83d0f7fee9934feec56a20045278200
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250831/2d2d4efb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list