[Git][security-tracker-team/security-tracker][master] Add CVE-2025-25186/ruby

Wed, 12 Feb 2025 06:02:25 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ab699d77 by Salvatore Bonaccorso at 2025-02-12T15:01:33+01:00
Add CVE-2025-25186/ruby

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -974,7 +974,13 @@ CVE-2025-25188 (Hickory DNS is a Rust based DNS client, 
server, and resolver. A
        NOTE: 
https://github.com/hickory-dns/hickory-dns/security/advisories/GHSA-37wc-h8xc-5hc4
        NOTE: Fixed by: 
https://github.com/hickory-dns/hickory-dns/commit/e118c6eec569f4340421f86ee0686714010c63e9
 (0.24.3)
 CVE-2025-25186 (Net::IMAP implements Internet Message Access Protocol (IMAP) 
client fu ...)
-       TODO: check
+       - ruby3.3 <unfixed>
+       - ruby3.1 <removed>
+       NOTE: 
https://github.com/ruby/net-imap/security/advisories/GHSA-7fc5-f82f-cx69
+       NOTE: Fixed by: 
https://github.com/ruby/net-imap/commit/70e3ddd071a94e450b3238570af482c296380b35
 (v0.5.6)
+       NOTE: Fixed by: 
https://github.com/ruby/net-imap/commit/c8c5a643739d2669f0c9a6bb9770d0c045fd74a3
 (v0.4.19)
+       NOTE: Fixed by: 
https://github.com/ruby/net-imap/commit/cb92191b1ddce2d978d01b56a0883b6ecf0b1022
 (v0.3.8)
+       NOTE: Net::IMAP embedded in src:ruby* source package
 CVE-2025-24892 (OpenProject is open-source, web-based project management 
software. In  ...)
        NOT-FOR-US: OpenProject
 CVE-2025-24200 (An authorization issue was addressed with improved state 
management. T ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab699d77fc238c8645a0f8e727e084a9e58adcf5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab699d77fc238c8645a0f8e727e084a9e58adcf5
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to