Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9178c89c by Salvatore Bonaccorso at 2025-12-11T21:48:02+01:00
Add CVE-2025-13912/wolfssl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -267,7 +267,11 @@ CVE-2025-14265 (In versions of ScreenConnect\u2122 prior
to 25.8, server-side va
CVE-2025-14046 (An improper neutralization of input vulnerability was
identified in Gi ...)
NOT-FOR-US: Github Enterprise Server
CVE-2025-13912 (Multiple constant-time implementations in wolfSSL before
version 5.8.4 ...)
- TODO: check
+ - wolfssl 5.8.4-1
+ [trixie] - wolfssl <no-dsa> (Minor issue)
+ [bookworm] - wolfssl <no-dsa> (Minor issue)
+ NOTE: https://github.com/wolfSSL/wolfssl/pull/9148
+ NOTE: Fixed by:
https://github.com/wolfSSL/wolfssl/commit/234ba7780ad3b7c8c1509973accdc43ed6c328b3
(v5.8.4-stable)
CVE-2025-13780 (pgAdmin versions up to 9.10 are affected by a Remote Code
Execution (R ...)
- pgadmin4 <itp> (bug #834129)
CVE-2025-13481 (IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an
authenticat ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9178c89cc6990aacf438e2200d9edf03e20cd89a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9178c89cc6990aacf438e2200d9edf03e20cd89a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
