[Git][security-tracker-team/security-tracker][master] Mark CVE-2025-14104 as unimportant
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 5 15:17:46 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0ff6bbb2 by Salvatore Bonaccorso at 2026-03-05T16:16:51+01:00
Mark CVE-2025-14104 as unimportant
Thanks: Santiago Ruano Rincón for the discussion around it.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -39418,15 +39418,15 @@ CVE-2025-34257 (Advantech WISE-DeviceOn Server versions prior to 5.4contain a st
CVE-2025-34256 (Advantech WISE-DeviceOn Server versions prior to 5.4contain a hard-cod ...)
NOT-FOR-US: Advantech
CVE-2025-14104 (A flaw was found in util-linux. This vulnerability allows a heap buffe ...)
- - util-linux 2.41.3-1 (bug #1122058)
- [trixie] - util-linux <no-dsa> (Minor issue)
- [bookworm] - util-linux <no-dsa> (Minor issue)
- [bullseye] - util-linux <postponed> (Minor issue)
+ - util-linux 2.41.3-1 (bug #1122058; unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2419369
NOTE: https://github.com/util-linux/util-linux/issues/3585
NOTE: https://github.com/util-linux/util-linux/pull/3586
NOTE: Fixed by: https://github.com/util-linux/util-linux/commit/aaa9e718c88d6916b003da7ebcfe38a3c88df8e6
NOTE: Fixed by: https://github.com/util-linux/util-linux/commit/9a36d77012c4c771f8d51eba46b6e62c29bf572a
+ NOTE: Affected code in setpwnam() is only used by chsh and chfn which are not build
+ NOTE: in any Debian released binary package from src:util-linux and explicitly configured
+ NOTE: as with --disable-chfn-chsh since 2.25-1.
CVE-2025-14094 (A flaw has been found in Edimax BR-6478AC V3 1.0.15. The affected elem ...)
NOT-FOR-US: Edimax
CVE-2025-14093 (A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted i ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ff6bbb2b53f4b16d7bf78f21228f03f60d7e72e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ff6bbb2b53f4b16d7bf78f21228f03f60d7e72e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260305/f570a0b0/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list