Re: [PATCH 1/2] published: CVE-2025-0927: Fix up JSON schema.

[Siddh Raman Pant]

On Wed, Apr 02 2025 at 12:36:20 +0530, Greg Kroah-Hartman wrote:
> On Wed, Apr 02, 2025 at 12:21:52PM +0530, Siddh Raman Pant wrote:
> > It doesn't match the schema of other CVEs as it was not generated
> > by bippy.
> 
> It was created by vulnogram for obvious reasons :(
> 
> Also, please cc: cve@xxxxxxxxxx for stuff like this.

Okay, noted.

> 
> > Fixed by hand / manually.
> > 
> > programFiles were added from the info in mbox.
> 
> So this did two different things?  Why does the layout matter here?
> Eventually it will be created properly when someone gets the fix
> upstream, I'm waiting for Canonical to do it as they are responsible for
> fixing this mess at the moment, but don't seem to be responding to my
> emails anymore...

Apparently, they fixed it in February and backported it:

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit/?h=Ubuntu-6.8.0-54.56&id=09ad3b1e99befe042ae5219e4020eb54411d98ef

https://ubuntu.com/security/CVE-2025-0927

Thanks,
Siddh

Attachment: signature.asc
Description: This is a digitally signed message part