[BSA-125] Security Update for incus

To: debian-backports-announce@lists.debian.org
Subject: [BSA-125] Security Update for incus
From: Mathias Gibbens <gibmat@debian.org>
Date: Fri, 17 Oct 2025 13:55:17 +0000
Message-id: <[🔎] 789f2b3a9ec499d51c82978b7c3a84c188107bae.camel@debian.org>
Mail-followup-to: debian-backports@lists.debian.org

Mathias Gibbens uploaded new packages for incus which fixed the
following security problems:

CVE ID         : CVE-2025-54286 CVE-2025-54287 CVE-2025-54288
                 CVE-2025-54289 CVE-2025-54290 CVE-2025-54291
                 CVE-2025-54293

Multiple security issues were discovered in Incus, a system container
and virtual machine manager, which could result in file disclosure,
information disclosure, privilege escalation or cross-site request
forgery.

For the bookworm-backports distribution the problems have been fixed in
version 6.0.4-2+deb13u1~bpo12+1.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Index(es):
- Date
- Thread