[Git][security-tracker-team/security-tracker][master] Mark CVE-2025-14104 as unimportant

Thu, 05 Mar 2026 07:18:01 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0ff6bbb2 by Salvatore Bonaccorso at 2026-03-05T16:16:51+01:00
Mark CVE-2025-14104 as unimportant

Thanks: Santiago Ruano Rincón for the discussion around it.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39418,15 +39418,15 @@ CVE-2025-34257 (Advantech WISE-DeviceOn Server 
versions prior to 5.4contain a st
 CVE-2025-34256 (Advantech WISE-DeviceOn Server versions prior to 5.4contain a 
hard-cod ...)
        NOT-FOR-US: Advantech
 CVE-2025-14104 (A flaw was found in util-linux. This vulnerability allows a 
heap buffe ...)
-       - util-linux 2.41.3-1 (bug #1122058)
-       [trixie] - util-linux <no-dsa> (Minor issue)
-       [bookworm] - util-linux <no-dsa> (Minor issue)
-       [bullseye] - util-linux <postponed> (Minor issue)
+       - util-linux 2.41.3-1 (bug #1122058; unimportant)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2419369
        NOTE: https://github.com/util-linux/util-linux/issues/3585
        NOTE: https://github.com/util-linux/util-linux/pull/3586
        NOTE: Fixed by: 
https://github.com/util-linux/util-linux/commit/aaa9e718c88d6916b003da7ebcfe38a3c88df8e6
        NOTE: Fixed by: 
https://github.com/util-linux/util-linux/commit/9a36d77012c4c771f8d51eba46b6e62c29bf572a
+       NOTE: Affected code in setpwnam() is only used by chsh and chfn which 
are not build
+       NOTE: in any Debian released binary package from src:util-linux and 
explicitly configured
+       NOTE: as with --disable-chfn-chsh since 2.25-1.
 CVE-2025-14094 (A flaw has been found in Edimax BR-6478AC V3 1.0.15. The 
affected elem ...)
        NOT-FOR-US: Edimax
 CVE-2025-14093 (A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. 
Impacted i ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ff6bbb2b53f4b16d7bf78f21228f03f60d7e72e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ff6bbb2b53f4b16d7bf78f21228f03f60d7e72e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to