[Git][security-tracker-team/security-tracker][master] CVE-2025-2581 add note
Bastien Roucariès (@rouca)
rouca at debian.org
Mon Jun 9 22:12:47 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a20064aa by Bastien Roucariès at 2025-06-09T23:11:43+02:00
CVE-2025-2581 add note
According to patch, this is overflow issue that exist only when sizeof(size_t) < sizeof(uint64_t)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -26010,6 +26010,7 @@ CVE-2025-2581 (A vulnerability has been found in xmedcon 0.25.0 and classified a
[bullseye] - xmedcon <postponed> (Minor issue)
NOTE: https://xmedcon.sourceforge.io/Main/New
NOTE: https://sourceforge.net/p/xmedcon/code/ci/e7a88836fc2277f8ab777f3ef24f917d08415559/
+ NOTE: affects only arches where int64_t != size_t (32 bits arches)
CVE-2025-2574 (Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect i ...)
- xpdf <not-affected> (Debian uses poppler)
CVE-2025-2538 (A hardcoded credential vulnerability exists in a specific deployment p ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a20064aacc40080f8ae798ed87992223cabeec12
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a20064aacc40080f8ae798ed87992223cabeec12
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250609/4b496cab/attachment.htm>
More information about the debian-security-tracker-commits
mailing list