Bug#1064229: firmware-nonfree: CVE-2023-35061 CVE-2023-34983 CVE-2023-33875 CVE-2023-32651 CVE-2023-32644 CVE-2023-32642 CVE-2023-28720 CVE-2023-28374 CVE-2023-26586 CVE-2023-25951
Control: retitle -1 firmware-nonfree: CVE-2023-35061
Hi Ben,
On Sun, Jun 30, 2024 at 08:42:32PM +0200, Ben Hutchings wrote:
> On Sun, 18 Feb 2024 20:45:07 +0100 Salvatore Bonaccorso
> <carnil@debian.org> wrote:
> > Source: firmware-nonfree
> > Version: 20230625-2
> > Severity: important
> > Tags: security upstream
> > X-Debbugs-Cc: carnil@debian.org, Debian Security Team
> <team@security.debian.org>
> >
> > Hi,
> >
> > The following vulnerabilities were published for firmware-nonfree.
> >
> > They are addressed in the linux-firmware/20231211 upstream version.
> [...]
>
> According to
> <https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00947.html>
> only CVE-2023-35061 affects Linux (presumably the other issues are in
> the Windows driver, not the firmware).
You are right. I'm not sure if that information was already
availablewhen filling the bug, bug surely I will now fix the tracker
information then to only reflect it for CVE-2023-35061.
Thanks for the headsup!
Salvatore
Reply to: