Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e16b92f6 by Salvatore Bonaccorso at 2026-05-06T11:50:38+02:00
Mark 389-ds-base as no-dsa and track update via trixie-pu
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -37499,6 +37499,8 @@ CVE-2025-40701 (Reflected Cross-Site Scripting
vulnerability in SOTESHOP, versio
NOT-FOR-US: SOTESHOP
CVE-2025-14905 (A flaw was found in the 389-ds-base server. A heap buffer
overflow vul ...)
- 389-ds-base 3.1.2+vendor1-2 (bug #1130910)
+ [trixie] - 389-ds-base <no-dsa> (Minor issue; can be fixed via point
release)
+ [bookworm] - 389-ds-base <no-dsa> (Minor issue; can be fixed via point
release)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2423624
NOTE: Fixed by:
https://github.com/389ds/389-ds-base/commit/2e424110def2e3998f6045e136fb0d43f47b7f5a
(main)
CVE-2026-2998 (ERP developed by eAI Technologies has a DLL Hijacking
vulnerability, a ...)
=====================================
data/next-point-update.txt
=====================================
@@ -424,3 +424,5 @@ CVE-2026-28780
[trixie] - apache2 2.4.67-1~deb13u1
CVE-2026-40254
[trixie] - freerdp3 3.15.0+dfsg-2.1+deb13u3
+CVE-2025-14905
+ [trixie] - 389-ds-base 3.1.2+dfsg1-1+deb13u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e16b92f6bdd8f6912727880d60ac4871e923d294
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e16b92f6bdd8f6912727880d60ac4871e923d294
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
