Skip to content

[automatic] Publish 5 advisories for util_linux_jll, Libuuid_jll and Libmount_jll #199

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 27, 2025
Merged

[automatic] Publish 5 advisories for util_linux_jll, Libuuid_jll and Libmount_jll #199

merged 1 commit into from
Oct 27, 2025

Conversation

@jlsec-bot
Copy link
Contributor

@jlsec-bot jlsec-bot commented Oct 21, 2025
edited
Loading

This action searched --project=util-linux, checking 21 (+0) advisories from NVD and 0 (+0) from EUVD for advisories that pertain here. It identified 5 advisories as being related to the Julia package(s): util_linux_jll, Libuuid_jll, and Libmount_jll.

5 advisories found concrete vulnerable ranges

  • CVE-2021-37600 for packages: util_linux_jll, Libuuid_jll, and Libmount_jll
    • util_linux_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
    • Libuuid_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
    • Libmount_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
  • CVE-2021-3995 for packages: util_linux_jll, Libuuid_jll, and Libmount_jll
    • util_linux_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
    • Libuuid_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
    • Libmount_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
  • CVE-2021-3996 for packages: util_linux_jll, Libuuid_jll, and Libmount_jll
    • util_linux_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
    • Libuuid_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
    • Libmount_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
  • CVE-2022-0563 for packages: util_linux_jll, Libuuid_jll, and Libmount_jll
    • util_linux_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
    • Libuuid_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
    • Libmount_jll computed ["< 2.39.3+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
  • CVE-2024-28085 for packages: util_linux_jll, Libuuid_jll, and Libmount_jll
    • util_linux_jll computed ["< 2.40.1+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
    • Libuuid_jll computed ["< 2.40.0+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}
    • Libmount_jll computed ["< 2.40.0+0"]. Its latest version (2.41.2+0) has components: {util-linux = "2.41.2"}

mbauman
mbauman previously requested changes Oct 21, 2025
View reviewed changes
Copy link
Member

@mbauman mbauman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haha, don't think we need to publish an advisory from 2001.

@jlsec-bot jlsec-bot changed the title [automatic] Publish 21 advisories for util_linux_jll, Libuuid_jll and Libmount_jll [automatic] Publish 5 advisories for util_linux_jll, Libuuid_jll and Libmount_jll Oct 27, 2025
@jlsec-bot jlsec-bot force-pushed the search-project_util-linux branch from c4ee3d9 to e46e054 Compare October 27, 2025 15:41
@mbauman mbauman dismissed their stale review October 27, 2025 18:20

Fixed the old version numbers

@mbauman mbauman merged commit 9e2887e into JuliaLang:main Oct 27, 2025
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mbauman mbauman mbauman left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jlsec-bot @mbauman