[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-59825/rust-astral-tokio-tar
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Sep 26 19:41:49 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d4923034 by Salvatore Bonaccorso at 2025-09-26T20:41:18+02:00
Track fixed version for CVE-2025-59825/rust-astral-tokio-tar
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -796,7 +796,7 @@ CVE-2023-47538
CVE-2017-20200 (A vulnerability has been found in Coinomi up to 1.7.6. This issue affe ...)
NOT-FOR-US: Coinomi
CVE-2025-59825 (astral-tokio-tar is a tar archive reading/writing library for async Ru ...)
- - rust-astral-tokio-tar <unfixed> (bug #1116337)
+ - rust-astral-tokio-tar 0.5.5-1 (bug #1116337)
NOTE: https://github.com/advisories/GHSA-3wgq-wrwc-vqmv
NOTE: https://github.com/astral-sh/tokio-tar/commit/036fdecc85c52458ace92dc9e02e9cef90684e75 (v0.5.4)
CVE-2025-10894 (Malicious code was inserted into the Nx (build system) package and sev ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4923034dfe43a74e4e3715c7d547119643a5dec
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4923034dfe43a74e4e3715c7d547119643a5dec
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250926/709e4f47/attachment.htm>
More information about the debian-security-tracker-commits
mailing list