[Git][security-tracker-team/security-tracker][master] Add CVE-2025-46400/xfig
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 15 09:49:31 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
45b9939a by Salvatore Bonaccorso at 2025-05-15T10:49:03+02:00
Add CVE-2025-46400/xfig
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6842,7 +6842,12 @@ CVE-2025-46419 (Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed E
CVE-2025-46417 (The unsafe globals in Picklescan before 0.0.25 do not include ssl. Con ...)
NOT-FOR-US: Picklescan
CVE-2025-46400 (In xfig diagramming tool, a segmentation fault while running fig2dev a ...)
- TODO: check
+ - xfig <unfixed> (unimportant)
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2362054
+ NOTE: https://sourceforge.net/p/mcj/tickets/187/
+ NOTE: Error covered with: https://sourceforge.net/p/mcj/fig2dev/ci/1e5515a1ea2ec8651cf85ab5000d026bb962492a/
+ NOTE: Fixed by: https://sourceforge.net/p/mcj/fig2dev/ci/c4465e0d9af89d9738aad31c2d0873ac1fa03c96/
+ NOTE: Crash in CLI tool, no security impact
CVE-2025-46399
REJECTED
CVE-2025-46398
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45b9939a005964dd256ecfc8b5ce40359a85c7ba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45b9939a005964dd256ecfc8b5ce40359a85c7ba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250515/80b51cdf/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list