[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-29476/c-blosc2

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f6dbcb20 by Salvatore Bonaccorso at 2025-04-06T20:23:57+02:00
Update status for CVE-2025-29476/c-blosc2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -445,8 +445,9 @@ CVE-2025-2243 (A server-side request forgery (SSRF) 
vulnerability in Bitdefender
 CVE-2025-29477 (An issue in fluent-bit v.3.7.2 allows a local attacker to 
cause a deni ...)
        NOT-FOR-US: fluent-bit
 CVE-2025-29476 (Buffer Overflow vulnerability in compress_chunk_fuzzer with 
oss-fuzz o ...)
-       - c-blosc2 <unfixed> (bug #1102152)
+       - c-blosc2 2.17.1+ds-1 (bug #1102152)
        NOTE: https://github.com/Blosc/c-blosc2/issues/656
+       NOTE: https://github.com/Blosc/c-blosc2/pull/658
 CVE-2025-28146 (Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 
1.0.15 was  ...)
        NOT-FOR-US: Edimax
 CVE-2025-27520 (BentoML is a Python library for building online serving 
systems optimi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6dbcb202248aa3175ecc56b5db48f80c01946f7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6dbcb202248aa3175ecc56b5db48f80c01946f7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits