[Git][security-tracker-team/security-tracker][master] Add CVE-2025-49133/libtpms
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 10 19:44:38 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f46cf27c by Salvatore Bonaccorso at 2025-06-10T20:44:09+02:00
Add CVE-2025-49133/libtpms
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,6 @@
+CVE-2025-49133 [Fix potential out-of-bound access & abort due to HMAC signing issue]
+ - libtpms <unfixed>
+ NOTE: Fixed by: https://github.com/stefanberger/libtpms/commit/9f9baccdba9cd3fc32f1355613abd094b21f7ba0 (v0.9.7)
CVE-2025-5952 (A vulnerability, which was classified as critical, has been found in Z ...)
NOT-FOR-US: Zend.To
CVE-2025-5945 (Improper Neutralization of Special Elements used in an OS Command ('OS ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f46cf27c3c1687fa1d80c7f641071cf54bdc319c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f46cf27c3c1687fa1d80c7f641071cf54bdc319c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250610/c68d4c12/attachment.htm>
More information about the debian-security-tracker-commits
mailing list