Adrian Bunk pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
abe5afd7 by Adrian Bunk at 2025-08-09T18:19:39+03:00
CVE-2025-32989/gnutls28 does not affect bullseye
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7874,8 +7874,10 @@ CVE-2025-32990 (A heap-buffer-overflow (off-by-one) flaw
was found in the GnuTLS
CVE-2025-32989 (A heap-buffer-overread vulnerability was found in GnuTLS in
how it han ...)
{DSA-5962-1}
- gnutls28 3.8.9-3
+ [bullseye] - gnutls28 <not-affected> (Vulnerable code introduced later)
NOTE:
https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html
NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1695
+ NOTE: Introduced by:
https://gitlab.com/gnutls/gnutls/-/commit/242abb6945cbb56c4a41c393d0253ea5b9d3a36a
(3.7.3)
NOTE: Fixed by:
https://gitlab.com/gnutls/gnutls/-/commit/8e5ca951257202089246fa37e93a99d210ee5ca2
(3.8.10)
CVE-2025-32988 (A flaw was found in GnuTLS. A double-free vulnerability exists
in GnuT ...)
{DSA-5962-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abe5afd712a406dcf8881f4097cf659780e87b09
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abe5afd712a406dcf8881f4097cf659780e87b09
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
