mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-04-28 18:02:38 +02:00
grype: Ignore CVE-2025-0665
Some checks failed
Tests / macOS (x86_64) (push) Has been cancelled
Build dev environments / Build dev-env (debian-bookworm) (push) Has been cancelled
Build dev environments / Build dev-env (debian-bullseye) (push) Has been cancelled
Build dev environments / Build dev-env (debian-trixie) (push) Has been cancelled
Build dev environments / Build dev-env (fedora-40) (push) Has been cancelled
Build dev environments / Build dev-env (fedora-41) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-20.04) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-22.04) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-24.04) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-24.10) (push) Has been cancelled
Build dev environments / build-container-image (push) Has been cancelled
Tests / run-lint (push) Has been cancelled
Tests / build-container-image (push) Has been cancelled
Tests / Download and cache Tesseract data (push) Has been cancelled
Tests / check-reproducibility (push) Has been cancelled
Scan latest app and container / security-scan-container (push) Has been cancelled
Scan latest app and container / security-scan-app (push) Has been cancelled
Tests / windows (push) Has been cancelled
Tests / macOS (arch64) (push) Has been cancelled
Tests / build-deb (debian bookworm) (push) Has been cancelled
Tests / build-deb (debian bullseye) (push) Has been cancelled
Tests / build-deb (debian trixie) (push) Has been cancelled
Tests / build-deb (ubuntu 20.04) (push) Has been cancelled
Tests / build-deb (ubuntu 22.04) (push) Has been cancelled
Tests / build-deb (ubuntu 24.04) (push) Has been cancelled
Tests / build-deb (ubuntu 24.10) (push) Has been cancelled
Tests / install-deb (debian bookworm) (push) Has been cancelled
Tests / install-deb (debian bullseye) (push) Has been cancelled
Tests / install-deb (debian trixie) (push) Has been cancelled
Tests / install-deb (ubuntu 20.04) (push) Has been cancelled
Tests / install-deb (ubuntu 22.04) (push) Has been cancelled
Tests / install-deb (ubuntu 24.04) (push) Has been cancelled
Tests / install-deb (ubuntu 24.10) (push) Has been cancelled
Tests / build-install-rpm (fedora 40) (push) Has been cancelled
Tests / build-install-rpm (fedora 41) (push) Has been cancelled
Tests / run tests (debian bookworm) (push) Has been cancelled
Tests / run tests (debian bullseye) (push) Has been cancelled
Tests / run tests (debian trixie) (push) Has been cancelled
Tests / run tests (fedora 40) (push) Has been cancelled
Tests / run tests (fedora 41) (push) Has been cancelled
Tests / run tests (ubuntu 20.04) (push) Has been cancelled
Tests / run tests (ubuntu 22.04) (push) Has been cancelled
Tests / run tests (ubuntu 24.04) (push) Has been cancelled
Tests / run tests (ubuntu 24.10) (push) Has been cancelled
Some checks failed
Tests / macOS (x86_64) (push) Has been cancelled
Build dev environments / Build dev-env (debian-bookworm) (push) Has been cancelled
Build dev environments / Build dev-env (debian-bullseye) (push) Has been cancelled
Build dev environments / Build dev-env (debian-trixie) (push) Has been cancelled
Build dev environments / Build dev-env (fedora-40) (push) Has been cancelled
Build dev environments / Build dev-env (fedora-41) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-20.04) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-22.04) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-24.04) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-24.10) (push) Has been cancelled
Build dev environments / build-container-image (push) Has been cancelled
Tests / run-lint (push) Has been cancelled
Tests / build-container-image (push) Has been cancelled
Tests / Download and cache Tesseract data (push) Has been cancelled
Tests / check-reproducibility (push) Has been cancelled
Scan latest app and container / security-scan-container (push) Has been cancelled
Scan latest app and container / security-scan-app (push) Has been cancelled
Tests / windows (push) Has been cancelled
Tests / macOS (arch64) (push) Has been cancelled
Tests / build-deb (debian bookworm) (push) Has been cancelled
Tests / build-deb (debian bullseye) (push) Has been cancelled
Tests / build-deb (debian trixie) (push) Has been cancelled
Tests / build-deb (ubuntu 20.04) (push) Has been cancelled
Tests / build-deb (ubuntu 22.04) (push) Has been cancelled
Tests / build-deb (ubuntu 24.04) (push) Has been cancelled
Tests / build-deb (ubuntu 24.10) (push) Has been cancelled
Tests / install-deb (debian bookworm) (push) Has been cancelled
Tests / install-deb (debian bullseye) (push) Has been cancelled
Tests / install-deb (debian trixie) (push) Has been cancelled
Tests / install-deb (ubuntu 20.04) (push) Has been cancelled
Tests / install-deb (ubuntu 22.04) (push) Has been cancelled
Tests / install-deb (ubuntu 24.04) (push) Has been cancelled
Tests / install-deb (ubuntu 24.10) (push) Has been cancelled
Tests / build-install-rpm (fedora 40) (push) Has been cancelled
Tests / build-install-rpm (fedora 41) (push) Has been cancelled
Tests / run tests (debian bookworm) (push) Has been cancelled
Tests / run tests (debian bullseye) (push) Has been cancelled
Tests / run tests (debian trixie) (push) Has been cancelled
Tests / run tests (fedora 40) (push) Has been cancelled
Tests / run tests (fedora 41) (push) Has been cancelled
Tests / run tests (ubuntu 20.04) (push) Has been cancelled
Tests / run tests (ubuntu 22.04) (push) Has been cancelled
Tests / run tests (ubuntu 24.04) (push) Has been cancelled
Tests / run tests (ubuntu 24.10) (push) Has been cancelled
Ignore the CVE-2025-0665 vulnerability, since it's a libcurl one, and the Dangerzone container does not make network calls. Also, it seems that Debian Bookworm is not affected.
This commit is contained in:
Alex Pyrgiotis
parent
88a6b37770
commit
856de3fd46
1 changed files with 9 additions and 0 deletions
|
|
@ -37,3 +37,12 @@ ignore:
|
||||||
# [bookworm] - raptor2 <postponed> (Minor issue, revisit when fixed upstream)
|
# [bookworm] - raptor2 <postponed> (Minor issue, revisit when fixed upstream)
|
||||||
#
|
#
|
||||||
- vulnerability: CVE-2024-57823
|
- vulnerability: CVE-2024-57823
|
||||||
|
# CVE-2025-0665
|
||||||
|
# ==============
|
||||||
|
#
|
||||||
|
# Debian tracker: https://security-tracker.debian.org/tracker/CVE-2025-0665
|
||||||
|
# Verdict: Dangerzone is not affected because the vulnerable code is not
|
||||||
|
# present in Debian Bookworm. Also, libcurl is an HTTP client, and the
|
||||||
|
# Dangerzone container does not make any network calls.
|
||||||
|
- vulnerability: CVE-2025-0665
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue