[Git][security-tracker-team/security-tracker][master] Remove association with fail2ban for CVE-2025-45311
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 2 19:51:10 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
34d8960f by Salvatore Bonaccorso at 2025-12-02T20:50:18+01:00
Remove association with fail2ban for CVE-2025-45311
This was a bogus report against fail2ban. Ideally the CVE get rejected
(rquest to assigning CNA requested).
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -932,9 +932,7 @@ CVE-2025-46175 (Ruoyi v4.8.0 is vulnerable to Incorrect Access Control. There is
CVE-2025-46174 (Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is a missin ...)
NOT-FOR-US: Ruoyi
CVE-2025-45311 (Insecure permissions in fail2ban-client v0.11.2 allows attackers with ...)
- - fail2ban <undetermined>
- NOTE: https://github.com/fail2ban/fail2ban/issues/4110
- TODO: check, upstream waiting on reporter, cf. https://github.com/fail2ban/fail2ban/issues/4110#issuecomment-3586321999
+ NOTE: Bogus report against fail2ban: https://github.com/fail2ban/fail2ban/issues/4110#issuecomment-3601428764
CVE-2025-3747
REJECTED
CVE-2025-2486 (The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI S ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34d8960fda36d145ba3ded42a0bc21ff944b811d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34d8960fda36d145ba3ded42a0bc21ff944b811d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251202/e895bcca/attachment.htm>
More information about the debian-security-tracker-commits
mailing list