[Git][security-tracker-team/security-tracker][master] Track fixed version for some busybox issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5f504c67 by Salvatore Bonaccorso at 2026-02-01T17:54:48+01:00
Track fixed version for some busybox issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32668,7 +32668,7 @@ CVE-2025-63149 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack over
 CVE-2025-63147 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow i ...)
 	NOT-FOR-US: Tenda
 CVE-2025-60876 (BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0  ...)
-	- busybox <unfixed> (bug #1120795)
+	- busybox 1:1.37.0-8 (bug #1120795)
 	[trixie] - busybox <postponed> (Minor issue, revisit when fixed upstream)
 	[bookworm] - busybox <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - busybox <postponed> (Minor issue, revisit when fixed upstream)
@@ -98255,7 +98255,7 @@ CVE-2024-22351 (IBM InfoSphere Information 11.7 Server does not invalidate sessi
 CVE-2024-12244 (An issue has been discovered in access controls could allow users to v ...)
 	- gitlab <not-affected> (Vulnerable code introduced later)
 CVE-2025-46394 (In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...)
-	- busybox <unfixed> (bug #1104008)
+	- busybox 1:1.37.0-8 (bug #1104008)
 	[trixie] - busybox <postponed> (Minor issue, revisit when fixed upstream)
 	[bookworm] - busybox <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - busybox <postponed> (Minor issue, terminal corruption, revisit when fixed upstream)
@@ -244576,7 +244576,7 @@ CVE-2023-46355 (In the module "CSV Feeds PRO" (csvfeeds) < 2.6.1 from Bl Modules
 CVE-2023-46349 (In the module "Product Catalog (CSV, Excel) Export/Update" (updateprod ...)
 	NOT-FOR-US: PrestaShop module
 CVE-2023-42366 (A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_ ...)
-	- busybox <unfixed> (bug #1059053)
+	- busybox 1:1.37.0-8 (bug #1059053)
 	[trixie] - busybox <postponed> (Minor issue, revisit when fixed upstream)
 	[bookworm] - busybox <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - busybox <postponed> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f504c6787892b7d163f9123f46562f6c5b5063a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f504c6787892b7d163f9123f46562f6c5b5063a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260201/8a02c2f1/attachment.htm>