Bastien Roucariès pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
475d855f by Bastien Roucariès at 2025-04-22T00:22:22+02:00
CVE-2025-2704/bullseye
not vulnerable code introduced later
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6331,6 +6331,7 @@ CVE-2025-27556 (An issue was discovered in Django 5.1
before 5.1.8 and 5.0 befor
NOTE:
https://www.djangoproject.com/weblog/2025/apr/02/security-releases/
CVE-2025-2704 (OpenVPN version 2.6.1 through 2.6.13 in server mode using
TLS-crypt-v2 ...)
- openvpn 2.6.14-1 (bug #1101935)
+ [bullseye] - openvpn <not-affected> (vulnerable code introduced later)
NOTE: https://community.openvpn.net/openvpn/wiki/CVE-2025-2704
NOTE: Introduced after:
https://github.com/OpenVPN/openvpn/commit/788ce35cf09aff09b79f428cdd6cfc0ff8627934
(v2.6_beta1)
NOTE: Fixed by:
https://github.com/OpenVPN/openvpn/commit/d3015bfd65348db629dab51e20a9d4e2f3b23493
(v2.6.14)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/475d855f952828d2371f505974927f0e186b9c20
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/475d855f952828d2371f505974927f0e186b9c20
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
