Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: cf971cd7 by Salvatore Bonaccorso at 2025-08-28T21:49:37+02:00 Correct assessment for CVE-2025-40779/isc-kea Link: https://bugs.debian.org/1112247#10 Thanks: Paride Legovini - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -14,9 +14,10 @@ CVE-2024-58240 [tls: separate no-async decryption request handling from async] - linux 6.7.9-1 NOTE: https://git.kernel.org/linus/41532b785e9d79636b3815a64ddf6a096647d011 (6.8-rc7) CVE-2025-40779 [Kea crash upon interaction between specific client options and subnet selection] - - isc-kea <unfixed> (bug #1112247) + - isc-kea <not-affected> (Vulnerable code introduced later, bug #1112247) NOTE: https://kb.isc.org/docs/cve-2025-40779 NOTE: Backport: https://gitlab.isc.org/isc-projects/kea/-/issues/4055 + NOTE: Introduced with: https://gitlab.isc.org/isc-projects/kea/-/commit/8f1742a2d6509c7edf5d63ed1d4eec53f9e016b0 (Kea-2.7.1) NOTE: https://gitlab.isc.org/isc-projects/kea/-/commit/0afd42b5dfb2e547b3c25023953892c1e578aba3 (Kea-3.1.1) NOTE: https://gitlab.isc.org/isc-projects/kea/-/commit/b25d7e8a81273e4099bf6c7f639ed774de2f3d08 (Kea-3.0.1) CVE-2025-9533 (A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf971cd772706798f7fb8875d8b4299bfbc43710 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf971cd772706798f7fb8875d8b4299bfbc43710 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
