Improve Release Changelog Generation

[bjoernricks]

What

Improve Release Changelog Generation

Why

Add a new CI workflow for showing the latest changelog independent of a release. Use git-cliff to generate a more flexible and improved release changelog.

References

https://jira.greenbone.net/browse/GEA-984

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 3 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 98ba05d.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

.github/workflows/changelog.yml

Package	Version	License	Issue Type
greenbone/actions/uv	3.*.*	Null	Unknown License

.github/workflows/release.yml

Package	Version	License	Issue Type
greenbone/actions/release-version	3.*.*	Null	Unknown License
greenbone/actions/uv	3.*.*	Null	Unknown License

Allowed Licenses: 0BSD, AGPL-3.0-or-later, Apache-2.0, BlueOak-1.0.0, BSD-2-Clause, BSD-3-Clause-Clear, BSD-3-Clause, BSL-1.0, CAL-1.0, CC-BY-3.0, CC-BY-4.0, CC-BY-SA-4.0, CC0-1.0, EPL-2.0, GPL-2.0-only, GPL-2.0-or-later, GPL-2.0, GPL-3.0-or-later, ISC, LGPL-2.0-only, LGPL-2.0-or-later, LGPL-2.1-only, LGPL-2.1-or-later, LGPL-2.1, LGPL-3.0-only, LGPL-3.0, LGPL-3.0-or-later, MIT, MIT-CMU, MPL-1.1, MPL-2.0, OFL-1.1, PSF-2.0, Python-2.0, Python-2.0.1, Unicode-DFS-2016, Unlicense, Zlib, ZPL-2.1

OpenSSF Scorecard

Package	Version	Score	Details
actions/actions/checkout	4.*.*	🟢 6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 2 2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 3 7 existing vulnerabilities detected
actions/greenbone/actions/uv	3.*.*	Unknown	Unknown
actions/actions/checkout	4.*.*	🟢 6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 2 2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 3 7 existing vulnerabilities detected
actions/greenbone/actions/release-version	3.*.*	Unknown	Unknown
actions/greenbone/actions/uv	3.*.*	Unknown	Unknown

Scanned Files

• .github/workflows/changelog.yml
• .github/workflows/release.yml

[github-actions]

🔍 Vulnerabilities of harbor-os.greenbone.net/community/gvm-libs:904-merge-amd64

📦 Image Reference harbor-os.greenbone.net/community/gvm-libs:904-merge-amd64

digest	sha256:d6df6aa8735f720115a89b0e1f8701ba6f0fab7175ea7bdb2a8e2a709a00db04
vulnerabilities
size	69 MB
packages	201

📦 Base Image debian:testing-20250224-slim

also known as	testing-slim
digest	sha256:dd44ac7e9b6d7271b382c9bf5bce34920ecb1c3f2ec09426137a4e72de79fd11
vulnerabilities

libxml2 2.12.7+dfsg+really2.9.14-0.2+b2 (deb) pkg:deb/debian/[email protected]%2Bdfsg%2Breally2.9.14-0.2%2Bb2?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=2.12.7+dfsg+really2.9.14-0.2 Fixed version Not Fixed EPSS Score 0.04% EPSS Percentile 12th percentile Description xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. [experimental] - libxml2 2.12.3+dfsg-0exp1 libxml2 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238) Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b (v2.11.0) UAF DOM\XMLDocument xinclude php/php-src#17467 Affected range >=2.12.7+dfsg+really2.9.14-0.2 Fixed version Not Fixed EPSS Score 0.04% EPSS Percentile 12th percentile Description libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047. libxml2 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098321) https://gitlab.gnome.org/GNOME/libxml2/-/issues/847 https://www.openwall.com/lists/oss-security/2025/02/18/2 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8c8753ad5280ee13aee5eec9b0f6eee2ed920f57 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/858ca26c0689161a6b903a6682cc8a1cc10a0ea8 (v2.12.10) Affected range >=2.12.7+dfsg+really2.9.14-0.2 Fixed version Not Fixed EPSS Score 0.04% EPSS Percentile 12th percentile Description libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. libxml2 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098320) https://gitlab.gnome.org/GNOME/libxml2/-/issues/828 https://www.openwall.com/lists/oss-security/2025/02/18/2 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/5880a9a6bd97c0f9ac8fc4f30110fe023f484746 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/245b70d7d2768572ae1b05b3668ca858b9ec4ed4 (v2.12.10) Affected range >=2.12.7+dfsg+really2.9.14-0.2 Fixed version Not Fixed EPSS Score 0.10% EPSS Percentile 43rd percentile Description An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. [experimental] - libxml2 2.12.5+dfsg-0exp1 libxml2 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063234) [bookworm] - libxml2 (Minor issue) [buster] - libxml2 (Minor issue) https://gitlab.gnome.org/GNOME/libxml2/-/issues/604 https://gitlab.gnome.org/GNOME/libxml2/-/commit/2b0aac140d739905c7848a42efc60bfe783a39b7 (v2.11.7) https://gitlab.gnome.org/GNOME/libxml2/-/commit/92721970884fcc13305cb8e23cdc5f0dd7667c2c (v2.12.5) Affected range >=2.12.7+dfsg+really2.9.14-0.2 Fixed version Not Fixed EPSS Score 0.08% EPSS Percentile 37th percentile Description libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail." [experimental] - libxml2 2.12.3+dfsg-0exp1 libxml2 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053629) [bookworm] - libxml2 (Minor issue) [buster] - libxml2 (Minor issue, very hard/unlikely to trigger) https://gitlab.gnome.org/GNOME/libxml2/-/issues/583 Originally fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/d39f78069dff496ec865c73aa44d7110e429bce9 (v2.12.0) Introduced regression (and thus commit reverted temporarily upstream): https://gitlab.gnome.org/GNOME/libxml2/-/issues/634 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/30d7660ba87c8487b26582ccc050f4d2880ccb3c (v2.12.2) Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8707838e69f9c6e729c1d1d46bb3681d9e622be5 (v2.13.0) https://gitlab.gnome.org/GNOME/libxml2/-/issues/344 http://www.openwall.com/lists/oss-security/2023/10/06/5 Affected range >=2.12.7+dfsg+really2.9.14-0.2 Fixed version Not Fixed EPSS Score 0.07% EPSS Percentile 34th percentile Description Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input. [experimental] - libxml2 2.12.3+dfsg-0exp1 libxml2 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051230) [bookworm] - libxml2 (Minor issue) [buster] - libxml2 (Minor issue) https://gitlab.gnome.org/GNOME/libxml2/-/issues/535 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/d0c3f01e110d54415611c5fa0040cdf4a56053f9 (v2.12.0) Followup: https://gitlab.gnome.org/GNOME/libxml2/-/commit/235b15a590eecf97b09e87bdb7e4f8333e9de129 (v2.12.0) Affected range >=2.12.7+dfsg+really2.9.14-0.2 Fixed version Not Fixed EPSS Score 0.05% EPSS Percentile 20th percentile Description libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. libxml2 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098322) https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://www.openwall.com/lists/oss-security/2025/02/18/2 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c716d491dd2e67f08066f4dc0619efeb49e43e6 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/503f788e84f1c1f1d769c2c7258d77faee94b5a3 (v2.12.10) Affected range >=2.12.7+dfsg+really2.9.14-0.2 Fixed version Not Fixed EPSS Score 0.04% EPSS Percentile 13th percentile Description An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. libxml2 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071162) https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8ddc7f13337c9fe7c6b6e616f404b0fffb8a5145 (v2.11.8) Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/2876ac5392a4e891b81e40e592c3ac6cb46016ce (v2.12.7) Crash in CLI tool, no security impact

libgcrypt20 1.11.0-7 (deb) pkg:deb/debian/[email protected]?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=1.11.0-7 Fixed version Not Fixed EPSS Score 0.04% EPSS Percentile 18th percentile Description A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. libgcrypt20 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065683) [bookworm] - libgcrypt20 (Minor issue, revisit when fixed upstream) [bullseye] - libgcrypt20 (Minor issue) [buster] - libgcrypt20 (Minor issue; side-channel timing attack) https://bugzilla.redhat.com/show_bug.cgi?id=2268268 https://lists.gnupg.org/pipermail/gcrypt-devel/2024-March/005607.html https://github.com/tomato42/marvin-toolkit/tree/master/example/libgcrypt https://people.redhat.com/~hkario/marvin/ https://dev.gnupg.org/T7136 https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/17 Affected range >=1.11.0-7 Fixed version Not Fixed EPSS Score 0.33% EPSS Percentile 71st percentile Description cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation. libgcrypt20 (unimportant) libgcrypt11 (unimportant) gnupg1 (unimportant) gnupg (unimportant) https://github.com/weikengchen/attack-on-libgcrypt-elgamal https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html GnuPG uses ElGamal in hybrid mode only. This is not a vulnerability in libgcrypt, but in an application using it in an insecure manner, see also https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004401.html

libcap2 1:2.66-5+b1 (deb) pkg:deb/debian/libcap2@1:2.66-5%2Bb1?os_distro=trixie&os_name=debian&os_version=unstable Affected range <1:2.73-4 Fixed version 1:2.73-4 EPSS Score 0.04% EPSS Percentile 12th percentile Description The PAM module pam_cap.so of libcap configuration supports group names starting with “@”, during actual parsing, configurations not starting with “@” are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potentially leading to security risks. Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames. libcap2 1:2.73-4 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098318) [bookworm] - libcap2 (Minor issue) https://bugzilla.openanolis.cn/show_bug.cgi?id=18804 Fixed by: https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=1ad42b66c3567481cc5fa22fc1ba1556a316d878 (cap/v1.2.74-rc4)

coreutils 9.5-1+b1 (deb) pkg:deb/debian/[email protected]%2Bb1?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=9.5-1 Fixed version Not Fixed EPSS Score 0.04% EPSS Percentile 5th percentile Description In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. coreutils (unimportant) http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html https://www.openwall.com/lists/oss-security/2018/01/04/3 Documentation patches proposed: https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html Neutralised by kernel hardening Affected range >=9.5-1 Fixed version Not Fixed EPSS Score 0.04% EPSS Percentile 5th percentile Description chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. coreutils (low; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816320) [bookworm] - coreutils (Minor issue) [bullseye] - coreutils (Minor issue) [buster] - coreutils (Minor issue) [stretch] - coreutils (Minor issue) [jessie] - coreutils (Minor issue) [wheezy] - coreutils (Minor issue) Restricting ioctl on the kernel side seems the better approach, but rejected by Linux upstream Fixing this issue via setsid() would introduce regressions: https://www.kernel.org/pub/linux/utils/util-linux/v2.28/v2.28-ReleaseNotes

util-linux 2.40.4-5 (deb) pkg:deb/debian/[email protected]?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=2.40.4-5 Fixed version Not Fixed EPSS Score 0.05% EPSS Percentile 20th percentile Description A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. util-linux (unimportant) https://bugzilla.redhat.com/show_bug.cgi?id=2053151 https://lore.kernel.org/util-linux/[email protected]/T/#u util-linux/util-linux@faa5a3a util-linux in Debian does build with readline support but chfn and chsh are provided by src:shadow and util-linux is configured with --disable-chfn-chsh

sqlite3 3.46.1-2 (deb) pkg:deb/debian/[email protected]?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=3.46.1-2 Fixed version Not Fixed EPSS Score 0.28% EPSS Percentile 69th percentile Description A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect. sqlite3 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005974) sqlite (unimportant) https://github.com/guyinatuxedo/sqlite3_record_leaking https://bugzilla.redhat.com/show_bug.cgi?id=2054793 https://sqlite.org/forum/forumpost/056d557c2f8c452ed5bb9c215414c802b215ce437be82be047726e521342161e Negligible security impact

gnutls28 3.8.9-2 (deb) pkg:deb/debian/[email protected]?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=3.8.9-2 Fixed version Not Fixed EPSS Score 1.43% EPSS Percentile 87th percentile Description The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. sun-java6 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645881) [lenny] - sun-java6 (Non-free not supported) [squeeze] - sun-java6 (Non-free not supported) openjdk-6 6b23~pre11-1 openjdk-7 7~b147-2.0-1 iceweasel (Vulnerable code not present) http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/ chromium-browser 15.0.874.106~r107270-1 [squeeze] - chromium-browser lighttpd 1.4.30-1 strictly speaking this is no lighttpd issue, but lighttpd adds a workaround curl 7.24.0-1 http://curl.haxx.se/docs/adv_20120124B.html python2.6 2.6.8-0.1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684511) [squeeze] - python2.6 (Minor issue) python2.7 2.7.3~rc1-1 python3.1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678998) [squeeze] - python3.1 (Minor issue) python3.2 3.2.3~rc1-1 http://bugs.python.org/issue13885 python3.1 is fixed starting 3.1.5 cyassl gnutls26 (unimportant) gnutls28 (unimportant) No mitigation for gnutls, it is recommended to use TLS 1.1 or 1.2 which is supported since 2.0.0 haskell-tls (unimportant) No mitigation for haskell-tls, it is recommended to use TLS 1.1, which is supported since 0.2 matrixssl (low) [squeeze] - matrixssl (Minor issue) [wheezy] - matrixssl (Minor issue) matrixssl fix this upstream in 3.2.2 bouncycastle 1.49+dfsg-1 [squeeze] - bouncycastle (Minor issue) [wheezy] - bouncycastle (Minor issue) No mitigation for bouncycastle, it is recommended to use TLS 1.1, which is supported since 1.4.9 nss 3.13.1.with.ckbi.1.88-1 https://bugzilla.mozilla.org/show_bug.cgi?id=665814 https://hg.mozilla.org/projects/nss/rev/7f7446fcc7ab polarssl (unimportant) No mitigation for polarssl, it is recommended to use TLS 1.1, which is supported in all releases tlslite [wheezy] - tlslite (Minor issue) pound 2.6-2 Pound 2.6-2 added an anti_beast.patch to mitigate BEAST attacks. erlang 1:15.b-dfsg-1 [squeeze] - erlang (Minor issue) asterisk 1:13.7.2dfsg-1 [jessie] - asterisk 1:11.13.1dfsg-2+deb8u1 [wheezy] - asterisk (Minor issue) [squeeze] - asterisk (Not supported in Squeeze LTS) http://downloads.digium.com/pub/security/AST-2016-001.html https://issues.asterisk.org/jira/browse/ASTERISK-24972 patch for 11 (jessie): https://code.asterisk.org/code/changelog/asterisk?cs=f233bcd81d85626ce5bdd27b05bc95d131faf3e4 all versions vulnerable, backport required for wheezy

openssl 3.4.1-1 (deb) pkg:deb/debian/[email protected]?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=3.2.2-1 Fixed version Not Fixed EPSS Score 0.07% EPSS Percentile 32nd percentile Description OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack." http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf openssl/openssl#24540 Fault injection based attacks are not within OpenSSLs threat model according to the security policy: https://www.openssl.org/policies/general/security-policy.html

pam 1.7.0-3 (deb) pkg:deb/debian/[email protected]?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=1.7.0-3 Fixed version Not Fixed EPSS Score 0.04% EPSS Percentile 16th percentile Description A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals. pam (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087019) [bookworm] - pam (The vulnerable code was introduced in 1.5.3) [bullseye] - pam (The vulnerable code was introduced in 1.5.3) https://bugzilla.redhat.com/show_bug.cgi?id=2324291 pam_access.so considers tty* names as hostnames linux-pam/linux-pam#834 Introduced in linux-pam/linux-pam@23393be (v1.5.3)

perl 5.40.1-2 (deb) pkg:deb/debian/[email protected]?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=5.40.1-2 Fixed version Not Fixed EPSS Score 0.14% EPSS Percentile 52nd percentile Description _is_safe in the File::Temp module for Perl does not properly handle symlinks. perl (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776268) http://thread.gmane.org/gmane.comp.security.oss.general/6174/focus=6177 File:Temp::_is_safe() allows unsafe traversal of symlinks [rt.cpan.org #69106] Perl-Toolchain-Gang/File-Temp#14

tar 1.35+dfsg-3.1 (deb) pkg:deb/debian/[email protected]%2Bdfsg-3.1?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=1.35+dfsg-3.1 Fixed version Not Fixed EPSS Score 0.69% EPSS Percentile 80th percentile Description Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges. This is intended behaviour, after all tar is an archiving tool and you need to give -p as a command line flag tar (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=328228; unimportant)

glib2.0 2.84.0-1 (deb) pkg:deb/debian/[email protected]?os_distro=trixie&os_name=debian&os_version=unstable Affected range >=2.84.0-1 Fixed version Not Fixed EPSS Score 0.16% EPSS Percentile 53rd percentile Description GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application. glib2.0 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655044)

krb5 1.21.3-4 (deb) pkg:deb/debian/[email protected]?os_distro=trixie&os_name=debian&os_version=unstable Affected range <1.21.3-5 Fixed version 1.21.3-5 Description krb5 1.21.3-5 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094730) [bookworm] - krb5 (Minor issue) https://bugzilla.redhat.com/show_bug.cgi?id=2342796 Fixed by: krb5/krb5@78ceba0