Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cdb5f5cb by Salvatore Bonaccorso at 2025-05-17T11:59:22+02:00
Track several fixes for weechat issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -310,35 +310,35 @@ CVE-2025-37890 (In the Linux kernel, the following
vulnerability has been resolv
- linux <unfixed>
NOTE:
https://git.kernel.org/linus/141d34391abbb315d68556b7c67ad97885407547 (6.15-rc5)
CVE-2025-XXXX [Buffer overflow in range of chars in evaluated expressions]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-7/
NOTE: Fixed by:
https://github.com/weechat/weechat/commit/3db2f71112ea85fa88b57f2c91be66a91ad7c078
(v4.6.3)
CVE-2025-XXXX [Buffer overflow in base 32 encoding in evaluated expressions]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-6/
NOTE: Fixed by:
https://github.com/weechat/weechat/commit/09917a807bcd71adf25e51f24200e7b7a5b8ff6f
(v4.6.3)
CVE-2025-XXXX [Buffer overflow in syntax highlighting of evaluated expressions]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
[bookworm] - weechat <not-affected> (Vulnerable code not present)
[bullseye] - weechat <not-affected> (Vulnerable code not present)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-5/
NOTE: Introduced with:
https://github.com/weechat/weechat/commit/87f74e9f9544a7e3b7e4ffd0acc40841b8eb79e8
(v4.2.0)
NOTE: Fixed by:
https://github.com/weechat/weechat/commit/334f88ae2c5f221e63b163a3c3ad4c98e437be35
(v4.6.3)
CVE-2025-XXXX [Buffer overflow in parsing of date/time]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-4/
NOTE: Introduced with:
https://github.com/weechat/weechat/commit/f6ba789c3d33bdc1bcc6c00e9660ffbd9f2ba514
(v4.2.0)
NOTE: Fixed by:
https://github.com/weechat/weechat/commit/2e146456913b6bc21b65dc89c69bce17b83e6264
(v4.6.3)
CVE-2025-XXXX [Integer overflow in conversion of version to an integer]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-3/
NOTE: Fixed by:
https://github.com/weechat/weechat/commit/5839df90e7d4f5680186c2d2993d5701115d8c78
(v4.6.3)
CVE-2025-XXXX [Integer overflow in base32 decode/encode functions]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-2/
NOTE: Fixed by:
https://github.com/weechat/weechat/commit/60824530026d2461220fa7c7c99c0278665e2150
(v4.6.3)
CVE-2025-XXXX [Integer overflow with decimal numbers in calculation of
expression]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-1/
NOTE: Fixed by:
https://github.com/weechat/weechat/commit/d0568dce79c350a4c11609c66587bc3e4cc00eba
(v4.6.3)
CVE-2025-4759 (Versions of the package lockfile-lint-api before 5.9.2 are
vulnerable ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdb5f5cb93eceb4e255b51230c270a95e368be24
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdb5f5cb93eceb4e255b51230c270a95e368be24
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
