Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0cd87aa6 by Salvatore Bonaccorso at 2025-05-01T09:10:56+02:00
Add CVE-2025-43857/ruby (Net::IMAP embedded in ruby)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -578,7 +578,28 @@ CVE-2025-45949 (A critical vulnerability was found in
PHPGurukul User Registrati
CVE-2025-45947 (An issue in phpgurukul Online Banquet Booking System V1.2
allows an at ...)
NOT-FOR-US: PHPGurukul
CVE-2025-43857 (Net::IMAP implements Internet Message Access Protocol (IMAP)
client fu ...)
- TODO: check
+ - ruby3.3 <unfixed>
+ - ruby3.1 <removed>
+ [bookworm] - ruby3.1 <no-dsa> (Minor issue)
+ NOTE:
https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj
+ NOTE: https://github.com/ruby/net-imap/pull/444
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/0ae8576c1a90bcd9573f81bdad4b4b824642d105
(v0.5.7)
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/b6bdee27a5cd38dd386042f43fec160840fe7562
(v0.5.7)
+ NOTE: https://github.com/ruby/net-imap/pull/445
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/ddcaabd4fecbd1b0d4b3202bc1befed685d06562
(v0.4.20)
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/19bea631c31b82798a4047ac3a6737a41054e45a
(v0.4.20)
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/641c4c451e7c35f72726f7b19342c6de4143977c
(v0.4.20)
+ NOTE: https://github.com/ruby/net-imap/pull/446
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/53ceba1e97cbc3ac4d141077732178cc8bc79476
(v0.3.9)
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/158cfdff54f3961b0ec628136444e3b0b0bb1736
(v0.3.9)
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/ae0fa010bb5e3c95b9beee31af607d4dba619d63
(v0.3.9)
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/e0059251e854cb03d5209c682ba3484fcb6953cd
(v0.3.9)
+ NOTE: https://github.com/ruby/net-imap/pull/447
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/20c16a2eaec1dc6775675abbd8f3f2c412e7533f
(v0.2.5)
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/5431e16b779254ad7b2786e4367bc04328418264
(v0.2.5)
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/450bb4d757d9b9f2866ebd6e1efdd5d94a311b05
(v0.2.5)
+ NOTE: Fixed by:
https://github.com/ruby/net-imap/commit/673cab874374670fca850dc0e16ddc62ee3b8a68
(v0.2.5)
+ NOTE: Net::IMAP embedded in src:ruby* source package
CVE-2025-43854 (DIFY is an open-source LLM app development platform. Prior to
version ...)
NOT-FOR-US: Dify
CVE-2025-42598 (Multiple SEIKO EPSON printer drivers for Windows OS are
configured wit ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0cd87aa667b54171d63c0b7bf38f91dcee809dc1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0cd87aa667b54171d63c0b7bf38f91dcee809dc1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
