Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 628520ed by Salvatore Bonaccorso at 2025-11-19T07:35:08+01:00 Add two new openvpn CVEs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,10 @@ +CVE-2025-12106 [IPv6 address parsing: fix buffer overread on invalid input] + - openvpn <not-affected> (Vulnerable code only in 2.7 upstream) + NOTE: https://community.openvpn.net/Security%20Announcements/CVE-2025-12106 +CVE-2025-13086 [HMAC verification check: fix incorrect memcmp() call] + [experimental] - openvpn 2.7.0~rc2-1 + - openvpn <unfixed> + NOTE: https://community.openvpn.net/Security%20Announcements/CVE-2025-13086 CVE-2025-64438 - fastdds <unfixed> NOTE: Fixed by: https://github.com/eProsima/Fast-DDS/commit/0b0cb308eaeeb2175694aa0a0a723106824ce9a7 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/628520edb6e6f3ee5900a76e44e2e3c58c7a48ce -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/628520edb6e6f3ee5900a76e44e2e3c58c7a48ce You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
