Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3c938267 by Moritz Mühlenhoff at 2025-09-30T16:22:35+02:00 new openssl issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,14 @@ +CVE-2025-9230 [Out-of-bounds read & write in RFC 3211 KEK Unwrap] + - openssl <unfixed> + NOTE: https://openssl-library.org/news/secadv/20250930.txt +CVE-2025-9231 [Timing side-channel in SM2 algorithm on 64 bit ARM] + - openssl <unfixed> + [bookworm] - openssl <not-affected> (Vulnerable code not present) + [bullseye] - openssl <not-affected> (Vulnerable code not present) + NOTE: https://openssl-library.org/news/secadv/20250930.txt +CVE-2025-9232 [Out-of-bounds read in HTTP client no_proxy handling] + - openssl <unfixed> + [bullseye] - openssl <not-affected> (Vulnerable code not present) CVE-2025-9993 (The Bei Fen \u2013 WordPress Backup Plugin plugin for WordPress is vul ...) NOT-FOR-US: WordPress plugin CVE-2025-9991 (The Tiny Bootstrap Elements Light plugin for WordPress is vulnerable t ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c9382673eb50f48aed2a01e40cba7cecda0ce5d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c9382673eb50f48aed2a01e40cba7cecda0ce5d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
