[Git][security-tracker-team/security-tracker][master] Track fixed version for two cloud-init issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jul 9 06:20:07 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dd3509a1 by Salvatore Bonaccorso at 2025-07-09T07:19:40+02:00
Track fixed version for two cloud-init issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3789,7 +3789,7 @@ CVE-2025-30131 (An issue was discovered on IROAD Dashcam FX2 devices. An unauthe
CVE-2025-29331 (An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote a ...)
NOT-FOR-US: MHSanaei 3x-ui
CVE-2024-6174 (When a non-x86 platform is detected, cloud-init grants root access to ...)
- - cloud-init <unfixed> (bug #1108403)
+ - cloud-init 25.1.4-1 (bug #1108403)
NOTE: Fixed by: https://github.com/canonical/cloud-init/commit/f43937f0b462734eb9c76700491c18fe4133c8e1 (25.1.3)
NOTE: https://github.com/advisories/GHSA-w8g9-wp36-fchj
CVE-2024-56915 (Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Si ...)
@@ -3797,7 +3797,7 @@ CVE-2024-56915 (Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cr
CVE-2024-52928 (Arc before 1.26.1 on Windows has a bypass issue in the site settings t ...)
NOT-FOR-US: Arc Browser
CVE-2024-11584 (cloud-initthrough 25.1.2 includes the systemd socket unitcloud-init-ho ...)
- - cloud-init <unfixed> (bug #1108402)
+ - cloud-init 25.1.4-1 (bug #1108402)
NOTE: Fixed by: https://github.com/canonical/cloud-init/commit/4839736429e9057a309ccd835cb3159fb51b1353 (25.1.3)
NOTE: https://github.com/canonical/cloud-init/pull/6265
NOTE: https://github.com/advisories/GHSA-3xmh-hrxh-fx8j
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd3509a1430c9b154c03b65882c28f1f4d554d27
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd3509a1430c9b154c03b65882c28f1f4d554d27
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250709/e78c152c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list