[Git][security-tracker-team/security-tracker][master] Update metadata for containerd update via DSA 6067-1
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jan 31 14:55:21 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
29ba79e2 by Salvatore Bonaccorso at 2026-01-31T15:52:14+01:00
Update metadata for containerd update via DSA 6067-1
The update claimed as well in changelog to address both CVE-2024-25621
and CVE-2025-64329 for both trixie and bookworm.
But this was true only for the trixie update, the containerd update for
bookworm contained a fix for CVE-2024-40635 and additionally the one for
CVE-2024-25621 but not CVE-2025-64329.
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33069,8 +33069,9 @@ CVE-2025-64338 (ClipBucket v5 is an open source video sharing platform. In versi
CVE-2025-64336 (ClipBucket v5 is an open source video sharing platform. In versions 5. ...)
NOT-FOR-US: ClipBucket
CVE-2025-64329 (containerd is an open-source container runtime. Versions 1.7.28 and be ...)
- {DSA-6067-1}
- containerd 1.7.24~ds1-10 (bug #1120343)
+ [trixie] - containerd 1.7.24~ds1-6+deb13u1
+ [bookworm] - containerd <no-dsa> (Minor issue)
NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2
NOTE: https://github.com/containerd/containerd/commit/a0d0f0ef68935338d2c710db164fa7820f692530 (v2.2.0)
NOTE: https://github.com/containerd/containerd/commit/c575d1b5f4011f33b32f71ace75367a92b08c750 (v1.7.29)
@@ -111559,7 +111560,7 @@ CVE-2024-56498
CVE-2024-40635 (containerd is an open-source container runtime. A bug was found in con ...)
{DLA-4153-1}
- containerd 1.7.24~ds1-6 (bug #1100806)
- [bookworm] - containerd <no-dsa> (Minor issue)
+ [bookworm] - containerd 1.6.20~ds1-1+deb12u2
NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-265r-hfxg-fhmg
NOTE: https://github.com/containerd/containerd/commit/11504c3fc5f45634f2d93d57743a998194430b82 (v1.7.27)
NOTE: https://github.com/containerd/containerd/commit/9639b9625554183d0c4d8d072dccb84fedd2320f (v1.6.38)
=====================================
data/DSA/list
=====================================
@@ -184,7 +184,7 @@
[bookworm] - xen 4.17.5+72-g01140da4e8-1
[trixie] - xen 4.20.2+7-g1badcf5035-0+deb13u1
[02 Dec 2025] DSA-6067-1 containerd - security update
- {CVE-2024-25621 CVE-2025-64329}
+ {CVE-2024-25621}
[bookworm] - containerd 1.6.20~ds1-1+deb12u2
[trixie] - containerd 1.7.24~ds1-6+deb13u1
[30 Nov 2025] DSA-6066-1 gnome-shell-extension-gsconnect - security update
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29ba79e2d263eaa62f35534fc52e9b49e58f16a9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29ba79e2d263eaa62f35534fc52e9b49e58f16a9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260131/b80c86fc/attachment.htm>
More information about the debian-security-tracker-commits
mailing list