Debian Incus vulnerabilities

CVE-2024-6156 [LOW] CVE-2024-6156: incus - Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypass... Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store. Scope: local forky: resolved (fixed in 6.0.3-1) sid: resolved (fixed in 6.0.3-1) trixie: resolved (fixed in 6.0.3-1)

CVE-2024-6219 [LOW] CVE-2024-6219: incus - Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted... Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured. Scope: local forky: resolved sid: resolved trixie: resolved

CVE-2023-49721 [MEDIUM] CVE-2023-49721: incus - An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This al... An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot. Scope: local forky: resolved sid: resolved trixie: resolved