[Git][security-tracker-team/security-tracker][master] libcoap3 fixed in sid

Moritz Muehlenhoff (@jmm) Sun, 21 Dec 2025 04:59:33 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
583805aa by Moritz Muehlenhoff at 2025-12-21T13:59:00+01:00
libcoap3 fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6940,7 +6940,7 @@ CVE-2025-61318 (Emlog Pro 2.5.20 has an arbitrary file 
deletion vulnerability. T
 CVE-2025-60912 (phpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) 
vulnerabil ...)
        - phpipam <itp> (bug #731713)
 CVE-2025-59391 (A memory disclosure vulnerability exists in libcoap's OSCORE 
configura ...)
-       - libcoap3 <unfixed> (bug #1122290)
+       - libcoap3 4.3.5-2 (bug #1122290)
        [trixie] - libcoap3 <no-dsa> (Minor issue)
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        NOTE: https://github.com/obgm/libcoap/pull/1730
@@ -10655,7 +10655,7 @@ CVE-2025-65503 (Use after free in endpoint destructors 
in Redboltz async_mqtt 10
 CVE-2025-65502 (Null pointer dereference in add_ca_certs() in Cesanta Mongoose 
before  ...)
        NOT-FOR-US: Cesenta Mongoose
 CVE-2025-65501 (Null pointer dereference in coap_dtls_info_callback() in OISM 
libcoap  ...)
-       - libcoap3 <unfixed> (bug #1121415)
+       - libcoap3 4.3.5-2 (bug #1121415)
        [trixie] - libcoap3 <no-dsa> (Minor issue)
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        - libcoap2 <removed>
@@ -10663,7 +10663,7 @@ CVE-2025-65501 (Null pointer dereference in 
coap_dtls_info_callback() in OISM li
        NOTE: https://github.com/obgm/libcoap/issues/1748
        NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65500 (NULL pointer dereference in coap_dtls_generate_cookie() in 
src/coap_op ...)
-       - libcoap3 <unfixed> (bug #1121415)
+       - libcoap3 4.3.5-2 (bug #1121415)
        [trixie] - libcoap3 <no-dsa> (Minor issue)
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        - libcoap2 <removed>
@@ -10671,7 +10671,7 @@ CVE-2025-65500 (NULL pointer dereference in 
coap_dtls_generate_cookie() in src/c
        NOTE: https://github.com/obgm/libcoap/issues/1746
        NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65499 (Array index error in tls_verify_call_back() in 
src/coap_openssl.c in O ...)
-       - libcoap3 <unfixed> (bug #1121415)
+       - libcoap3 4.3.5-2 (bug #1121415)
        [trixie] - libcoap3 <no-dsa> (Minor issue)
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        - libcoap2 <removed>
@@ -10679,7 +10679,7 @@ CVE-2025-65499 (Array index error in 
tls_verify_call_back() in src/coap_openssl.
        NOTE: https://github.com/obgm/libcoap/issues/1747
        NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65498 (NULL pointer dereference in coap_dtls_generate_cookie() in 
src/coap_op ...)
-       - libcoap3 <unfixed> (bug #1121415)
+       - libcoap3 4.3.5-2 (bug #1121415)
        [trixie] - libcoap3 <no-dsa> (Minor issue)
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        - libcoap2 <removed>
@@ -10687,7 +10687,7 @@ CVE-2025-65498 (NULL pointer dereference in 
coap_dtls_generate_cookie() in src/c
        NOTE: https://github.com/obgm/libcoap/issues/1746
        NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65497 (NULL pointer dereference in coap_dtls_generate_cookie() in 
src/coap_op ...)
-       - libcoap3 <unfixed> (bug #1121415)
+       - libcoap3 4.3.5-2 (bug #1121415)
        [trixie] - libcoap3 <no-dsa> (Minor issue)
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        - libcoap2 <removed>
@@ -10695,7 +10695,7 @@ CVE-2025-65497 (NULL pointer dereference in 
coap_dtls_generate_cookie() in src/c
        NOTE: https://github.com/obgm/libcoap/issues/1745
        NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65496 (NULL pointer dereference in coap_dtls_generate_cookie() in 
src/coap_op ...)
-       - libcoap3 <unfixed> (bug #1121415)
+       - libcoap3 4.3.5-2 (bug #1121415)
        [trixie] - libcoap3 <no-dsa> (Minor issue)
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        - libcoap2 <removed>
@@ -10703,7 +10703,7 @@ CVE-2025-65496 (NULL pointer dereference in 
coap_dtls_generate_cookie() in src/c
        NOTE: https://github.com/obgm/libcoap/issues/1745
        NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65495 (Integer signedness error in tls_verify_call_back() in 
src/coap_openssl ...)
-       - libcoap3 <unfixed> (bug #1121415)
+       - libcoap3 4.3.5-2 (bug #1121415)
        [trixie] - libcoap3 <no-dsa> (Minor issue)
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        - libcoap2 <removed>
@@ -10711,7 +10711,7 @@ CVE-2025-65495 (Integer signedness error in 
tls_verify_call_back() in src/coap_o
        NOTE: https://github.com/obgm/libcoap/issues/1744
        NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65494 (NULL pointer dereference in get_san_or_cn_from_cert() in 
src/coap_open ...)
-       - libcoap3 <unfixed> (bug #1121415)
+       - libcoap3 4.3.5-2 (bug #1121415)
        [trixie] - libcoap3 <no-dsa> (Minor issue)
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        - libcoap2 <removed>
@@ -10719,7 +10719,7 @@ CVE-2025-65494 (NULL pointer dereference in 
get_san_or_cn_from_cert() in src/coa
        NOTE: https://github.com/obgm/libcoap/issues/1745
        NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65493 (NULL pointer dereference in src/coap_openssl.c in OISM libcoap 
4.3.5 a ...)
-       - libcoap3 <unfixed> (bug #1121415)
+       - libcoap3 4.3.5-2 (bug #1121415)
        [trixie] - libcoap3 <no-dsa> (Minor issue)
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        - libcoap2 <removed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/583805aaddc069ff9b0d8f2d32913291340d0f50

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/583805aaddc069ff9b0d8f2d32913291340d0f50
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] libcoap3 fixed in sid

Reply via email to