[Git][security-tracker-team/security-tracker][master] CVE-2025-48057/icinga2 does not affect the binaries in bookworm or bullseye

Adrian Bunk (@bunk) bunk at debian.org
Mon Jun 9 15:46:18 BST 2025 


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab9ea8c2 by Adrian Bunk at 2025-06-09T17:45:45+03:00
CVE-2025-48057/icinga2 does not affect the binaries in bookworm or bullseye

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2864,6 +2864,8 @@ CVE-2025-48370 (auth-js is an isomorphic Javascript library for Supabase Auth. P
 	NOT-FOR-US: Supabase auth-js
 CVE-2025-48057 (Icinga 2 is a monitoring system which checks the availability of netwo ...)
 	- icinga2 2.14.6-1
+	[bookworm] - icinga2 <ignored> (If Icinga 2 is built with OpenSSL 1.1.0 or later, it is NOT affected by this issue.)
+	[bullseye] - icinga2 <ignored> (If Icinga 2 is built with OpenSSL 1.1.0 or later, it is NOT affected by this issue.)
 	NOTE: Fixed by: https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6
 	NOTE: Fixed by: https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb (master)
 	NOTE: Fixed by: https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f (v2.14.6)


=====================================
data/dla-needed.txt
=====================================
@@ -152,9 +152,6 @@ hdf5
   NOTE: 20250414: stable branches in single commits. They have reproducers though at:
   NOTE: 20250414: https://github.com/HDFGroup/cve_hdf5/
 --
-icinga2
-  NOTE: 20250609: Added by Front-Desk (rouca)
---
 icingaweb2
   NOTE: 20250421: Added by Front-Desk (rouca)
   NOTE: 20250603: I checked the CVEs fixed with the latest release but cannot find the related patches (dleidert)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab9ea8c2d79167aaefa7ea903b08f12dbb75e757

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab9ea8c2d79167aaefa7ea903b08f12dbb75e757
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250609/eec7e872/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list