Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
da8962e7 by Salvatore Bonaccorso at 2026-03-15T21:11:30+01:00
Add Debian bug reference for CVE-2025-14905/389-ds-base
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8778,10 +8778,9 @@ CVE-2025-40986 (Reflected Cross-Site Scripting (XSS)
vulnerability in PideTuCita
CVE-2025-40701 (Reflected Cross-Site Scripting vulnerability in SOTESHOP,
version 8.3. ...)
NOT-FOR-US: SOTESHOP
CVE-2025-14905 (A flaw was found in the 389-ds-base server. A heap buffer
overflow vul ...)
- - 389-ds-base <unfixed>
+ - 389-ds-base <unfixed> (bug #1130910)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2423624
- TODO: check details
- NOTE: Fixed by:
https://github.com/389ds/389-ds-base/commit/2e424110def2e3998f6045e136fb0d43f47b7f5a
+ NOTE: Fixed by:
https://github.com/389ds/389-ds-base/commit/2e424110def2e3998f6045e136fb0d43f47b7f5a
(main)
CVE-2026-2998 (ERP developed by eAI Technologies has a DLL Hijacking
vulnerability, a ...)
NOT-FOR-US: ERP eAI Technologies
CVE-2026-2997 (Tronclass developed by WisdomGarden has a Insecure Direct
Object Refer ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/da8962e7f54ff79b82a7443d92eff19175e7635a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/da8962e7f54ff79b82a7443d92eff19175e7635a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
