Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
593db3cf by Salvatore Bonaccorso at 2026-01-07T08:39:14+01:00
Update status for CVE-2025-13034/curl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,10 +1,11 @@
CVE-2025-13034 [No QUIC certificate pinning with GnuTLS]
- - curl <unfixed>
+ - curl 8.18.0~rc2-1
+ [trixie] - curl <no-dsa> (Minor issue)
[bookworm] - curl <not-affected> (Vulnerable code introduced later)
[bullseye] - curl <not-affected> (Vulnerable code introduced later)
NOTE: https://curl.se/docs/CVE-2025-13034.html
NOTE: Introduced with:
https://github.com/curl/curl/commit/3210101088dfa3d6a125d213226b092f2f866722
(curl-8_8_0)
- NOTE: Fixed by:
https://github.com/curl/curl/commit/3d91ca8cdb3b434226e743946d428b4dd3acf2c9
(curl-8_18_0)
+ NOTE: Fixed by:
https://github.com/curl/curl/commit/3d91ca8cdb3b434226e743946d428b4dd3acf2c9
(rc-8_18_0-1, curl-8_18_0)
CVE-2026-0628
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/593db3cfc82c0f2d72af4e412fe2cd8f244b5741
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/593db3cfc82c0f2d72af4e412fe2cd8f244b5741
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
