Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ad751558 by Salvatore Bonaccorso at 2025-04-30T23:56:34+02:00
Mark CVE-2025-2704/openvpn as no-dsa
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8315,6 +8315,7 @@ CVE-2025-27556 (An issue was discovered in Django 5.1
before 5.1.8 and 5.0 befor
NOTE:
https://www.djangoproject.com/weblog/2025/apr/02/security-releases/
CVE-2025-2704 (OpenVPN version 2.6.1 through 2.6.13 in server mode using
TLS-crypt-v2 ...)
- openvpn 2.6.14-1 (bug #1101935)
+ [bookworm] - openvpn <no-dsa> (Minor issue)
[bullseye] - openvpn <not-affected> (vulnerable code introduced later)
NOTE: https://community.openvpn.net/openvpn/wiki/CVE-2025-2704
NOTE: Introduced after:
https://github.com/OpenVPN/openvpn/commit/788ce35cf09aff09b79f428cdd6cfc0ff8627934
(v2.6_beta1)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad75155824316d1d687f45864b3244f7ec0d0c94
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad75155824316d1d687f45864b3244f7ec0d0c94
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
