[Git][security-tracker-team/security-tracker][master] Add two new incus issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jun 25 21:49:38 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d9102200 by Salvatore Bonaccorso at 2025-06-25T22:49:13+02:00
Add two new incus issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -88,9 +88,15 @@ CVE-2025-52894 (OpenBao exists to provide a software solution to manage, store,
 CVE-2025-52893 (OpenBao exists to provide a software solution to manage, store, and di ...)
 	- openbao <itp> (bug #1069794)
 CVE-2025-52890 (Incus is a system container and virtual machine manager. When using an ...)
-	TODO: check
+	- incus <not-affected> (Vulnerable code not present)
+	NOTE: https://github.com/lxc/incus/security/advisories/GHSA-p7fw-vjjm-2rwp
+	NOTE: Introduced with: https://github.com/lxc/incus/commit/d137a063c2fe2a6983c995ba75c03731bee1557d (v6.12.0)
+	NOTE: Fixed by: https://github.com/lxc/incus/commit/254dfd2483ab8de39b47c2258b7f1cf0759231c8
 CVE-2025-52889 (Incus is a system container and virtual machine manager. When using an ...)
-	TODO: check
+	- incus <not-affected> (Vulnerable code not present)
+	NOTE: https://github.com/lxc/incus/security/advisories/GHSA-9q7c-qmhm-jv86
+	NOTE: Introduced with: https://github.com/lxc/incus/commit/a7c33301738aede3c035063e973b1d885d9bac7c (v6.12.0)
+	NOTE: Fixed by: https://github.com/lxc/incus/commit/2516fb19ad8428454cb4edfe70c0a5f0dc1da214
 CVE-2025-52576 (Kanboard is project management software that focuses on the Kanban met ...)
 	TODO: check
 CVE-2025-52569 (GitForge.jl is a unified interface for interacting with Git "forges."  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9102200e70c485bc51c720a169b8e1bea3eeff4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9102200e70c485bc51c720a169b8e1bea3eeff4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250625/66c361cb/attachment.htm>

More information about the debian-security-tracker-commits mailing list